4774 matches found
INFINICART - browse_group.asp?groupid SQL Injection
INFINICART - browsegroup.asp?groupid SQL Injection source: https://www.securityfocus.com/bid/21043/info Infinicart is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A...
INFINICART - browsesubcat.asp Multiple SQL Injections
INFINICART - browsesubcat.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/21043/info Infinicart is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A...
cPanel 10 - newuser.html Multiple Cross-Site Scripting Vulnerabilities
cPanel 10 - newuser.html Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Roundcube Webmail 0.1 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21042/info Roundcube Webmail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in th...
INFINICART - 'login.asp' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/21043/info Infinicart is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit of these vulnerabilities could all...
DirectAdmin 1.281.29 - CMD_EMAIL_FORWARDER_MODIFY Cross-Site Scripting
DirectAdmin 1.281.29 - CMDEMAILFORWARDERMODIFY Cross-Site Scripting source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execut...
DirectAdmin 1.281.29 - CMD_SHOW_RESELLER Cross-Site Scripting
DirectAdmin 1.281.29 - CMDSHOWRESELLER Cross-Site Scripting source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_VACATION_MODIFY' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
DirectAdmin 1.28/1.29 - 'CMD_FTP_SHOW' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
DirectAdmin 1.28/1.29 - 'CMD_TICKET' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_LIST' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
Drake CMS 0.2 Index.PHP Cross-Site Scripting Vulnerability
Drake CMS 0.2 Index.PHP Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/20998/info Drake CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issu...
Bitweaver 1.x - '/fisheye/index.php?sort_mode' SQL Injection
source: https://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials...
Immediacy .NET CMS 5.2 - Logon.aspx Cross-Site Scripting
Immediacy .NET CMS 5.2 - Logon.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/20965/info Immediacy CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...
FreeWebShop 2.12.2 - index.php?cat Cross-Site Scripting
FreeWebShop 2.12.2 - index.php?cat Cross-Site Scripting source: https://www.securityfocus.com/bid/20969/info FreeWebShop is prone to multiple input-validation vulnerabilities, including a cross-site scripting issue and a local file-include issue. An attacker can exploit these issues to view files...
Speedywiki 2.02.1 - Multiple Input Validation Vulnerabilities
Speedywiki 2.02.1 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/20976/info Speedywiki is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include an arbitrary...
FreeWebShop 2.1/2.2 - 'index.php?cat' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20969/info FreeWebShop is prone to multiple input-validation vulnerabilities, including a cross-site scripting issue and a local file-include issue. An attacker can exploit these issues to view files, execute local scripts, steal cookie-based authenticati...
Immediacy .NET CMS 5.2 - 'Logon.aspx' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20965/info Immediacy CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting...
IPManager 2.3 - index.php Cross-Site Scripting
IPManager 2.3 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20952/info IpManager is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
Kayako SupportSuite 3.0.32 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20954/info Kayako SupportSuite is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...