Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/16607/info Clever Copy is prone to multiple HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
HiveMail 1.2.2/1.3 - 'folders.update.php?folderid' Arbitrary PHP Command Execution
source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP code-execution issues are the result of an input-validation error that...
Papoo 2.1.x - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/16573/info Papoo is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecti...
CyberShop Ultimate E-Commerce - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/16473/info CyberShop Ultimate E-commerce is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary scrip...
SPIP 1.8/1.9 - 'index.php3' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16461/info SPIP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...
Cerberus Helpdesk 2.7 - Clients.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/16439/info Cerberus Helpdesk is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage th...
BrowserCRM - Results.PHP Cross-Site Scripting Vulnerability
Webapps exploit for php platform. source: http://www.securityfocus.com/bid/16435/info BrowserCRM is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input...
PmWiki 2.1 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/16421/info PmWiki is prone to multiple input-validation vulnerabilities. These issues are due to failures in the application to properly sanitize user-supplied input. - Arbitrary remote file-include...
sPaiz-Nuke - modules.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/16412/info sPaiz-Nuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
PixelPost 1.4.3 - User Comment HTML Injection
source: https://www.securityfocus.com/bid/16362/info Pixelpost is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
AZ Bulletin Board 1.0.x/1.1 - 'post.php' HTML Injection
source: https://www.securityfocus.com/bid/16351/info AZbb is prone to HTML-injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
Rockliffe MailSite 5.3.4/6.1.22/7.0.3 - HTTP Mail Management Cross-Site Scripting
source: https://www.securityfocus.com/bid/16330/info MailSite is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...
EggBlog 2.0 - id SQL Injection
source: https://www.securityfocus.com/bid/16305/info Eggblog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could...
aoblogger 2.3 - URL BBcode Cross-Site Scripting
source: https://www.securityfocus.com/bid/16286/info AOblogger is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these...
PowerPortal 1.11.3 - index.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/16279/info PowerPortal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...
aoblogger 2.3 - 'create.php' Entry Creation
source: https://www.securityfocus.com/bid/16286/info AOblogger is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could allow an attacker to: -...
Bit 5 Blog 8.1 - addcomment.php HTML Injection
source: https://www.securityfocus.com/bid/16246/info Bit 5 Blog is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
Apache Tomcat Geronimo 1.0 - Sample Script cal2.jsp?time Cross-Site Scripting
source: https://www.securityfocus.com/bid/16260/info Apache Geronimo is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit cou...
GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/16255/info GTP iCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspectin...