Faq-O-Matic 2.711 - Multiple Cross-Site Scripting Vulnerabilities

Faq-O-Matic 2.711 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16251/info Faq-O-Matic is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...

Faq-O-Matic 2.711 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16251/info Faq-O-Matic is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed i...

Ultimate Auction 3.67 - Item.pl Cross-Site Scripting

Ultimate Auction 3.67 - Item.pl Cross-Site Scripting source: https://www.securityfocus.com/bid/16239/info Ultimate Auction is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

Web Host Automation Ltd. Helm 3.2.8 - ForgotPassword.asp Cross-Site Scripting

Web Host Automation Ltd. Helm 3.2.8 - ForgotPassword.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/16234/info Helm is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Alstrasoft Template Seller Pro 3.25 - 'Fullview.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16233/info Template Seller Pro is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary code in the browser of an unsuspecting user in...

Interspire TrackPoint NX - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16214/info TrackPoint NX is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...

MyPHPim - Login Page pass Field SQL Injection

source: https://www.securityfocus.com/bid/16210/info MyPhPim is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the...

Xoops Pool Module - IMG Tag HTML Injection

Xoops Pool Module - IMG Tag HTML Injection source: https://www.securityfocus.com/bid/16189/info The XOOPS Pool Module is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated...

INCOGEN Bugport 1.x - index.php Multiple Cross-Site Scripting Vulnerabilities

INCOGEN Bugport 1.x - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16123/info Bugport is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...

INCOGEN Bugport 1.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16123/info Bugport is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in th...

Chimera Web Portal 0.2 - 'linkcategory.php?id' SQL Injection

source: https://www.securityfocus.com/bid/16113/info Chimera Web Portal is prone to multiple input validation vulnerabilities. The issues include cross-site scripting and SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

Ades Design AdesGuestbook 2.0 Read Script - Cross-Site Scripting

Ades Design AdesGuestbook 2.0 Read Script - Cross-Site Scripting source: https://www.securityfocus.com/bid/16090/info Ades Design AdesGuestbook is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this...

phpDocumentor 1.21.3 - Forum Lib Variable Cross-Site Scripting

phpDocumentor 1.21.3 - Forum Lib Variable Cross-Site Scripting source: https://www.securityfocus.com/bid/16101/info phpDocumentor is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16094/info Kayako SupportSuite is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may...

OOApp Guestbook 2.1 Home Script - Cross-Site Scripting

source: https://www.securityfocus.com/bid/16091/info OOApp Guestbook is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

Chipmunk Guestbook 1.4 - Homepage HTML Injection

Chipmunk Guestbook 1.4 - Homepage HTML Injection source: https://www.securityfocus.com/bid/16112/info Chipmunk Guestbook is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated...

Dream4 Koobi 5.0 - BBCode URL Tag Script Injection

source: https://www.securityfocus.com/bid/16078/info Koobi is prone to a script injection vulnerability. An attacker can nest BBCode URL tags to trigger this issue and execute arbitrary code in a user's browser. Attacker-supplied HTML and script code would be able to access properties of the site...

Cerberus Helpdesk 2.649 - addresses_export.php?queues SQL Injection

Cerberus Helpdesk 2.649 - addressesexport.php?queues SQL Injection source: https://www.securityfocus.com/bid/16062/info Cerberus Helpdesk is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are the result of inadequate validation of user-supplied input that...

Cerberus Helpdesk 2.649 - cer_KnowledgebaseHandler.class.php?_load_article_details SQL Injection

Cerberus Helpdesk 2.649 - cerKnowledgebaseHandler.class.php?loadarticledetails SQL Injection source: https://www.securityfocus.com/bid/16062/info Cerberus Helpdesk is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are the result of inadequate validation of...

Cerberus Helpdesk 2.649 - 'display_ticket_thread.php?ticket' SQL Injection

source: https://www.securityfocus.com/bid/16062/info Cerberus Helpdesk is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are the result of inadequate validation of user-supplied input that will be included in site output or in SQL queries. The cross-site...