Rapid Classified 3.1 - 'viewad.asp' SQL Injection

source: https://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. A successful exploit of these...

ActiveNews Manager - query Cross-Site Scripting

ActiveNews Manager - query Cross-Site Scripting source: https://www.securityfocus.com/bid/21167/info Active News Manger is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied...

Active News Manager - 'catID' SQL Injection

source: https://www.securityfocus.com/bid/21167/info Active News Manger is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

Link CMS - 'navigacija.php?IDMeniGlavni' SQL Injection

source: https://www.securityfocus.com/bid/21464/info Link CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...

ActiveNews Manager - 'query' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21167/info Active News Manger is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

BestWebApp Dating Site Login Component - Multiple Field SQL Injections

BestWebApp Dating Site Login Component - Multiple Field SQL Injections source: https://www.securityfocus.com/bid/21158/info BestWebApp Dating Site is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently...

BestWebApp Dating Site - 'login_form.asp?msg' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21158/info BestWebApp Dating Site is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issues to stea...

vBulletin 3.6.x - Admin Control Panel Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/21157/info vBulletin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker could exploit this vulnerability to have arbitrary script code execute in the context of the...

b2evolution 1.8.21.9 - _410_stats_gone.page.php?app_name Cross-Site Scripting

b2evolution 1.8.21.9 - 410statsgone.page.php?appname Cross-Site Scripting source: https://www.securityfocus.com/bid/21334/info The b2evolution application is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage...

b2evolution 1.8.21.9 - _referer_spam.page.php Multiple Cross-Site Scripting Vulnerabilities

b2evolution 1.8.21.9 - refererspam.page.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21334/info The b2evolution application is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attack...

Xtreme ASP Photo Gallery 2.0 - 'displaypic.asp?catname' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21138/info Xtreme ASP Photo Gallery is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues and an HTML-injection issue because the application fails to properly sanitize user-supplied input. Successf...

b2evolution 1.8.2/1.9 - '_410_stats_gone.page.php?app_name' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21334/info The b2evolution application is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

Eggblog 3.1 admin/comments.php edit Parameter XSS

Eggblog 3.1 admin/comments.php edit Parameter XSS. CVE-2006-6046. Webapps exploit for php platform source: http://www.securityfocus.com/bid/21134/info Eggblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...

MGinternet Property Site Manager - listings.asp?s Cross-Site Scripting

MGinternet Property Site Manager - listings.asp?s Cross-Site Scripting source: https://www.securityfocus.com/bid/21073/info MGinternet Property Site Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to...

Plesk 7.5/8.0 - 'get_password.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21067/info Plesk is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to...

Car Site Manager - '/csm/asp/listings.asp' Multiple SQL Injections

source: https://www.securityfocus.com/bid/21066/info Car Site Manager is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

Car Site Manager - '/csm/asp/detail.asp?p' SQL Injection

source: https://www.securityfocus.com/bid/21066/info Car Site Manager is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

MGinternet Property Site Manager - 'admin_login.asp' Multiple SQL Injections

source: https://www.securityfocus.com/bid/21073/info MGinternet Property Site Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An attacker could exploit these issu...

Inventory Manager - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/21069/info Inventory Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied input. Successful exploits of these vulnerabiliti...

IBM Websphere 6.0 - Faultactor Cross-Site Scripting

IBM Websphere 6.0 - Faultactor Cross-Site Scripting source: https://www.securityfocus.com/bid/21018/info IBM WebSphere is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...