4774 matches found
FLV Players 8 - 'popup.php?url' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18954/info FLV Player is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...
Hosting Controller 1.x - error.asp Cross-Site Scripting
Hosting Controller 1.x - error.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/18933/info Hosting Controller is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this issue...
Hosting Controller 1.x - 'error.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18933/info Hosting Controller is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this issue to have arbitrary script code execute in the browser of...
ATutor 1.5.x - usersbrowse.php?cat Cross-Site Scripting
ATutor 1.5.x - usersbrowse.php?cat Cross-Site Scripting source: https://www.securityfocus.com/bid/18857/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage an...
ATutor 1.5.x - documentationadminindex.php Cross-Site Scripting
ATutor 1.5.x - documentationadminindex.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18857/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
ATutor 1.5.x - adminfix_content.php?submit Cross-Site Scripting
ATutor 1.5.x - adminfixcontent.php?submit Cross-Site Scripting source: https://www.securityfocus.com/bid/18857/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
ATutor 1.5.x - '/documentation/admin/index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18857/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code execute ...
Vincent Leclercq News 5.2 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/18775/info Vincent Leclercq News is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before displaying it to users of the application. An attacker may leverage this issue to have arbitrary script code...
CVE-2006-3328
newticket.cgi in Hostflow 2.2.1-15 allows remote attackers to steal and replay authentication credentials via an IMG tag in the desc parameter "Ticket Description" field that points to a URL that captures referer URLs, possibly due to a cross-site scripting XSS vulnerability or a leak of...
CVE-2006-3328
newticket.cgi in Hostflow 2.2.1-15 allows remote attackers to steal and replay authentication credentials via an IMG tag in the desc parameter "Ticket Description" field that points to a URL that captures referer URLs, possibly due to a cross-site scripting XSS vulnerability or a leak of...
CVE-2006-3328
CVE-2006-3328 affects Hostflow 2.2.1-15. The issue is triggered by an IMG tag in the desc parameter (Ticket Description) that can capture referer URLs, enabling retrieval or replay of authentication credentials via potential XSS or credential leakage in referer headers. NVD lists a base score of ...
SoftBiz Banner Exchange Script 1.0 - insertmember.php?city Cross-Site Scripting
SoftBiz Banner Exchange Script 1.0 - insertmember.php?city Cross-Site Scripting source: https://www.securityfocus.com/bid/18735/info Softbiz Banner Exchange is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before displaying it to...
PHP ICalender 2.22 - index.php Cross-Site Scripting
PHP ICalender 2.22 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18721/info PHP iCalender is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
newsPHP 2006 PRO - '/inc/rss_feed.php?category' SQL Injection
source: https://www.securityfocus.com/bid/18726/info NewsPHP 2006 PRO is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...
newsPHP 2006 PRO - 'index.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/18726/info NewsPHP 2006 PRO is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...
PHPClassifieds.Info - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/18713/info The 'phpclassifieds.info' product is prone to multiple input-validation vulnerabilities. The issues include HTML- and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...
MF Piadas 1.0 - 'admin.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18676/info MF Piadas is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the contex...
OpenGuestbook 0.5 - header.php?title Cross-Site Scripting
OpenGuestbook 0.5 - header.php?title Cross-Site Scripting source: https://www.securityfocus.com/bid/18666/info OpenGuestbook is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize...
cPanel 10 - Select.HTML Cross-Site Scripting
cPanel 10 - Select.HTML Cross-Site Scripting source: https://www.securityfocus.com/bid/18655/info Cpanel is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
ADODB 4.6/4.7 - 'Tmssql.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18638/info ADOdb is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of...