AShop Deluxe 4.5 - editcatalogue.php Cross-Site Scripting

AShop Deluxe 4.5 - editcatalogue.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21845/info AShop Deluxe and AShop Administration Panel are prone to multiple cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied input data. An attacker ma...

AShop Deluxe 4.5 - basket.php Cross-Site Scripting

AShop Deluxe 4.5 - basket.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21845/info AShop Deluxe and AShop Administration Panel are prone to multiple cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied input data. An attacker may...

AShop Deluxe 4.5 - 'catalogue.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21845/info AShop Deluxe and AShop Administration Panel are prone to multiple cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code...

AShop Deluxe 4.5 - 'basket.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21845/info AShop Deluxe and AShop Administration Panel are prone to multiple cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code...

AShop Deluxe 4.5 - 'editcatalogue.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21845/info AShop Deluxe and AShop Administration Panel are prone to multiple cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code...

MyServer 0.9.8 - Post.MSCGI Cross-Site Scripting

source: https://www.securityfocus.com/bid/24583/info MyServer is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

AShop Deluxe 4.5 - salesadmin.php Cross-Site Scripting

AShop Deluxe 4.5 - salesadmin.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21845/info AShop Deluxe and AShop Administration Panel are prone to multiple cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied input data. An attacker may...

Spooky 2.7 - loginregister.asp SQL Injection

Spooky 2.7 - loginregister.asp SQL Injection source: https://www.securityfocus.com/bid/21822/info Spooky Login is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A...

Mobilelib Gold - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/21817/info Mobilelib GOLD is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

PHP iCalendar 1.1/2.x - 'month.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

PHP iCalendar 1.1/2.x - 'search.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

PHP iCalendar 1.12.x - preferences.php Cross-Site Scripting

PHP iCalendar 1.12.x - preferences.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

Future Internet - index.cfm Multiple SQL Injections

Future Internet - index.cfm Multiple SQL Injections source: https://www.securityfocus.com/bid/21727/info Future Internet is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. A...

Xt-News 0.1 - show_news.php?id_news SQL Injection

Xt-News 0.1 - shownews.php?idnews SQL Injection source: https://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker...

Xt-News 0.1 - add_comment.php?id_news Cross-Site Scripting

Xt-News 0.1 - addcomment.php?idnews Cross-Site Scripting source: https://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An...

Xt-News 0.1 - 'add_comment.php?id_news' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issues to steal cookie-based...

Xt-News 0.1 - 'show_news.php?id_news' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21719/info Xt-News is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issues to steal cookie-based...

Oracle Portal 9i/10g - Container_Tabs.jsp Cross-Site Scripting

source: https://www.securityfocus.com/bid/21717/info Oracle Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before returning it to the user. An attacker can exploit this issue to execute arbitrary HTML and script code in a userâ??s...

Calacode @Mail Webmail 4.51 - Filtering Engine HTML Injection

Calacode @Mail Webmail 4.51 - Filtering Engine HTML Injection source: https://www.securityfocus.com/bid/21708/info Calacode @Mail is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute arbitrary scrip...

Mini Web Shop 2.1.c - 'view.php?Viewcategory.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21677/info Mini Web Shop is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting...