4774 matches found
ETicket 1.5.5 - Open.php Multiple Cross-Site Scripting Vulnerabilities
ETicket 1.5.5 - Open.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24681/info eTicket is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically...
ETicket 1.5.5 - 'Open.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/24681/info eTicket is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary...
Key Focus Web Server 3.1 - Index.WKF Cross-Site Scripting
Key Focus Web Server 3.1 - Index.WKF Cross-Site Scripting source: https://www.securityfocus.com/bid/24623/info Key Focus Web Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execu...
eNdonesia 8.4 - banners.php?click Action bid SQL Injection
eNdonesia 8.4 - banners.php?click Action bid SQL Injection source: https://www.securityfocus.com/bid/24590/info eNdonesia is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal...
csc-sqlxss.txt
Comersus Shop Cart 7.07 SQL Injection & XSS. Comersus is an Active Server Pages (ASP) software for running shopping stores, integrated with the rest of your web site. Comersus ASP Cart is free and IT CAN BE used for commercial purposes. An attacker may leverage this issue to have arbitrary scrip...
FuseTalk 4.0 - blogincludecommoncomfinish.cfm?FTVAR_SCRIPTRUN Cross-Site Scripting
FuseTalk 4.0 - blogincludecommoncomfinish.cfm?FTVAR_SCRIPTRUN Cross-Site Scripting source: https://www.securityfocus.com/bid/24563/info FuseTalk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can...
FuseTalk 4.0 - 'AuthError.cfm' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/24564/info FuseTalk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch othe...
Fuzzylime 1.0 - Low.php Cross-Site Scripting
Fuzzylime 1.0 - Low.php Cross-Site Scripting source: https://www.securityfocus.com/bid/24522/info Fuzzylime is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripti...
TDizin - Arama.asp Cross-Site Scripting
TDizin - Arama.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/24515/info TDizin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attac...
TDizin - 'Arama.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24515/info TDizin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context ...
Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting
Apache Tomcat 6.0.13 - JSP Example Web Applications Cross-Site Scripting source: https://www.securityfocus.com/bid/24476/info Apache Tomcat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attack...
JFFNms 0.8.3 - admin/adm/test.php PHP Information Disclosure
JFFNms 0.8.3 - admin/adm/test.php PHP Information Disclosure source: https://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System (JFFNMS) is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple...
bbPress 0.8.1 - BB-login.php Cross-Site Scripting
bbPress 0.8.1 - BB-login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/24422/info BBpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site...
JFFNms 0.8.3 - 'admin/adm/test.php' PHP Information Disclosure
source: https://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System (JFFNMS) is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure issues. An attacker can exploit these...
Beehive Forum 0.7.1 - 'links.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/24413/info Beehive Forum is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary script code in the browser of an...
WordPress 2.2 - Request_URI Cross-Site Scripting
WordPress 2.2 - Request_URI Cross-Site Scripting source: https://www.securityfocus.com/bid/24383/info WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
3Com OfficeConnect Secure Router 1.04-168 - 'Tk' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24374/info OfficeConnect Secure Router is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result,...
Atom Photoblog 1.0.11.0.9 - AtomPhotoblog.php Multiple Input Validation Vulnerabilities
Atom Photoblog 1.0.11.0.9 - AtomPhotoblog.php Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/24363/info Atom PhotoBlog is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input data before rendering it in...
WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities
WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24365/info WmsCMS is prone to multiple cross-site scripting vulnerabilities because it fails to adequately sanitize user-supplied input data before rendering it in a user's browser. Attackers coul...
WMSCMS 2.0 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/24365/info WmsCMS is prone to multiple cross-site scripting vulnerabilities because it fails to adequately sanitize user-supplied input data before rendering it in a user's browser. Attackers could exploit these issues to steal cookie-based authentication...