NixieAffiliate 1.9 - 'lostpassword.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20084/info NixieAffiliate is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to have arbitrary script code execute in the browser of an unsuspecting user in the...

PHP-post Web Forum 0.x.1.0 - pm.php?replyuser Cross-Site Scripting

PHP-post Web Forum 0.x.1.0 - pm.php?replyuser Cross-Site Scripting source: https://www.securityfocus.com/bid/20061/info PHP-Post is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting, SQL-injection, and remote file-include issues, because the application...

Jupiter CMS 1.1.41.1.5 - modulessearch.php Multiple Cross-Site Scripting Vulnerabilities

Jupiter CMS 1.1.41.1.5 - modulessearch.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/20048/info Jupiter CMSA is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, becaus...

phpMyAdmin 2.x - sql.php?pos Cross-Site Scripting

phpMyAdmin 2.x - sql.php?pos Cross-Site Scripting source: https://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An...

Jupiter CMS 1.1.41.1.5 - modulesmass-email.php Multiple Cross-Site Scripting Vulnerabilities

Jupiter CMS 1.1.41.1.5 - modulesmass-email.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/20048/info Jupiter CMSA is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues,...

Jupiter CMS 1.1.4/1.1.5 - '/modules/mass-email.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/20048/info Jupiter CMSA is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the application fails to sanitize user-supplied input. A successful exploit of these...

Web Wiz Forums 7.01 - 'members.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20054/info Web Wiz Forums is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in th...

Jupiter CMS 1.1.4/1.1.5 - 'galleryuploadfunction.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/20048/info Jupiter CMSA is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the application fails to sanitize user-supplied input. A successful exploit of these...

phpMyAdmin 2.x - 'sql.php?pos' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could exploit these vulnerabilities to vi...

phpMyAdmin 2.x - Multiple Script Array Handling Full Path Disclosures

phpMyAdmin 2.x - Multiple Script Array Handling Full Path Disclosures source: https://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure...

Jupiter CMS 1.1.41.1.5 - modulesregister Multiple SQL Injections

Jupiter CMS 1.1.41.1.5 - modulesregister Multiple SQL Injections source: https://www.securityfocus.com/bid/20048/info Jupiter CMSA is prone to multiple input-validation vulnerabilities, including cross-site scripting, SQL-injection, and arbitrary file-upload issues, because the application fails ...

Mailman 2.1.x - Multiple Input Validation Vulnerabilities

Mailman 2.1.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/20021/info Mailman is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-input. These issues include multiple cross-site scripting vulnerabilities and...

Blojsom 2.31 - Cross-Site Scripting

Blojsom 2.31 - Cross-Site Scripting source: https://www.securityfocus.com/bid/20026/info Blojsom is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to have arbitrary script code execute in the browser ...

Mailman 2.1.x - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/20021/info Mailman is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-input. These issues include multiple cross-site scripting vulnerabilities and a CRLF-injection vulnerability. A successful exploit of...

PHP Event Calendar 1.41.5 - index.php Multiple Cross-Site Scripting Vulnerabilities

PHP Event Calendar 1.41.5 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/20001/info PHP Event Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issu...

e107 website system 0.7.5 - submitnews.php?PATH_INFO Cross-Site Scripting

e107 website system 0.7.5 - submitnews.php?PATHINFO Cross-Site Scripting source: https://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to ha...

K2News Management 1.3 - Ratings.php Cross-Site Scripting

K2News Management 1.3 - Ratings.php Cross-Site Scripting source: https://www.securityfocus.com/bid/19994/info k2News Management is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal...

e107 website system 0.7.5 - 'user.php?Query String (PATH_INFO)' Cross-Site Scripting

source: https://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user i...

e107 website system 0.7.5 - 'search.php?Query String (PATH_INFO)' Cross-Site Scripting

source: https://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user i...

K2News Management 1.3 - 'Ratings.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/19994/info k2News Management is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal cookie-based authentication credentials and to launch other...