Qualiteam X-Cart 4.0.8 - 'help.php?section' SQL Injection

source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remote attackers to pass malicious inpu...

NPDS 4.8 5.0 - powerpack_f.php?language Cross-Site Scripting

NPDS 4.8 5.0 - powerpackf.php?language Cross-Site Scripting source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL...

NPDS 4.8 5.0 - admin.php?language Cross-Site Scripting

NPDS 4.8 5.0 - admin.php?language Cross-Site Scripting source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL...

NPDS 4.8 5.0 - modules.php?Lettre Cross-Site Scripting

NPDS 4.8 5.0 - modules.php?Lettre Cross-Site Scripting source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL...

NPDS 4.8 5.0 - reply.php?image_subject Cross-Site Scripting

NPDS 4.8 5.0 - reply.php?imagesubject Cross-Site Scripting source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL...

NPDS 4.8 5.0 Glossaire Module - terme SQL Injection

NPDS 4.8 5.0 Glossaire Module - terme SQL Injection source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection...

NPDS 4.8 5.0 - faq.php?categories Cross-Site Scripting

NPDS 4.8 5.0 - faq.php?categories Cross-Site Scripting source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL...

NPDS 4.8 < 5.0 - 'links.php?Query' SQL Injection

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 < 5.0 - 'faq.php?categories' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 < 5.0 - 'sdv_infos.php?sitename' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 < 5.0 - 'powerpack_f.php?language' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 /5.0 - 'modules.php?Lettre' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 < 5.0 - 'admin.php?language' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 < 5.0 - 'reply.php?image_subject' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 < 5.0 - 'reviews.php?title' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 < 5.0 Glossaire Module - 'terme' SQL Injection

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

Jaws Glossary 0.40.5 - Cross-Site Scripting

Jaws Glossary 0.40.5 - Cross-Site Scripting source: https://www.securityfocus.com/bid/13796/info JAWS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'Glossary' module. This may facilitate the thef...

BEA WebLogic 7.08.1 - Administration Console LoginForm.jsp Cross-Site Scripting

BEA WebLogic 7.08.1 - Administration Console LoginForm.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/13793/info BEA WebLogic Server And WebLogic Express are affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitiz...

BEA WebLogic 7.0/8.1 - Administration Console Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/13794/info BEA WebLogic Server And WebLogic Express are affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the error page. A successful attack may facilitate the...

BookReview 1.0 - add_url.htm?node Cross-Site Scripting

BookReview 1.0 - addurl.htm?node Cross-Site Scripting source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...