cPanel WebHost Manager 3.1 - 'addon_configsupport.cgi?supporturl' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...

cPanel WebHost Manager 3.1 - 'park?ndomain' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21288/info WebHost Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting...

Simple PHP Gallery 1.1 - System SP_Index.php Cross-Site Scripting

Simple PHP Gallery 1.1 - System SPIndex.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21278/info Simple PHP Gallery is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

Fixit iDms Pro Image Gallery - filelist.asp Multiple SQL Injections

Fixit iDms Pro Image Gallery - filelist.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/21282/info Fixit iDMS Pro is prone to multiple input-validation vulnerabilities, including SQL-injection issues and an HTML-injection issue, because the application fails to properly...

Simple PHP Gallery 1.1 - 'System SP_Index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21278/info Simple PHP Gallery is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

MMGallery 1.55 - Thumbs.php Cross-Site Scripting

MMGallery 1.55 - Thumbs.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21281/info The mmgallery script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

CuteNews 1.4.5 - show_news.php Cross-Site Scripting

CuteNews 1.4.5 - shownews.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An...

CuteNews 1.4.5 - rss_title Cross-Site Scripting

CuteNews 1.4.5 - rsstitle Cross-Site Scripting source: https://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An...

CreaDirectory 1.2 - search.asp?category SQL Injection

CreaDirectory 1.2 - search.asp?category SQL Injection source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficientl...

CreaDirectory 1.2 - 'addlisting.asp?cat' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues...

CreaDirectory 1.2 - 'search.asp?category' SQL Injection

source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues...

CuteNews 1.4.5 - 'show_news.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could exploit these issues to view sensitiv...

CreaDirectory 1.2 - 'search.asp?search' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21230/info Creascripts creadirectory is prone to multiple input-validation vulnerabilities, inculding SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues...

JiRos Link Manager 1.0 - viewlinks.asp?categoryId SQL Injection

JiRos Link Manager 1.0 - viewlinks.asp?categoryId SQL Injection source: https://www.securityfocus.com/bid/21226/info JiRos Links Manager is prone to multiple input-validation vulnerabilities, including SQL- and HTML-injection issues, because it fails to sufficiently sanitize user-supplied data...

Grandora Rialto 1.6 - searchkey.asp?Keyword Cross-Site Scripting

Grandora Rialto 1.6 - searchkey.asp?Keyword Cross-Site Scripting source: https://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize...

Grandora Rialto 1.6 - searchoption.asp Multiple SQL Injections

Grandora Rialto 1.6 - searchoption.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-suppli...

Rapid Classified 3.1 - viewad.asp SQL Injection

Rapid Classified 3.1 - viewad.asp SQL Injection source: https://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize...

Rapid Classified 3.1 - search.asp Cross-Site Scripting

Rapid Classified 3.1 - search.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize...

BirdBlog 1.4 - adminadmincore.php?msg Cross-Site Scripting

BirdBlog 1.4 - adminadmincore.php?msg Cross-Site Scripting source: https://www.securityfocus.com/bid/21184/info BirdBlog is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Enthrallweb eHomes - compareHomes.asp Multiple SQL Injections

Enthrallweb eHomes - compareHomes.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/21193/info eHome is prone to multiple input-validation vulnerabilities, including cross-site scripting, and SQL-injection issues, because the application fails to properly sanitize user-supplie...