4774 matches found
MetaBid Auctions - 'intAuctionID' SQL Injection
source: https://www.securityfocus.com/bid/13395/info A remote SQL injection vulnerability affects MetaBid Auctions. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may exploit this issue to manipulate SQL...
WoltLab Burning Board 2.3.1 - PMS.php Cross-Site Scripting
WoltLab Burning Board 2.3.1 - PMS.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13353/info WoltLab Burning Board is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...
WoltLab Burning Board 2.3.1 - 'PMS.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13353/info WoltLab Burning Board is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in th...
GLSA-200504-24 : eGroupWare: XSS and SQL injection vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200504-24 eGroupWare: XSS and SQL injection vulnerabilities Multiple SQL injection and cross-site scripting vulnerabilities have been found in several eGroupWare modules. Impact : An attacker could possibly use the SQL injection...
CartWIZ 1.10 - Access.asp Cross-Site Scripting
CartWIZ 1.10 - Access.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13338/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
phpBB 2.0.x - 'viewtopic.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13345/info phpBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...
CartWIZ 1.10 - 'AddToWishlist.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13337/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
CartWIZ 1.10 - 'TellAFriend.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13336/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
WoltLab Burning Board 2.3.1 - 'thread.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13325/info WoltLab Burning Board is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary code in the browser of an unsuspecting user ...
DameWare NT Utilities Authentication Credentials Persistence Weakness
According to its version number, the copy of DameWare NT Utilities installed on the remote host allows a local user to recover authentication credentials because it stores sensitive information such as username, password, remote user, and remote hostname in memory as plaintext. C Tenable Network...
DameWare Mini Remote Control Authentication Credentials Persistence Weakness
According to its version number, the copy of DameWare Mini Remote Control installed on the remote host allows a local user to recover authentication credentials because the application stores sensitive information in memory as plaintext - username, password, hostname, etc in the case of the 'DWRC...
ProfitCode Software PayProCart 3.0 - 'Username' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13299/info PayProCart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...
CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/13260/info CityPost Image Cropper/Resizer is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application...
phpBB Remote - 'mod.php' SQL Injection
source: https://www.securityfocus.com/bid/13209/info A remote SQL injection vulnerability affects the datenbank module for phpbb. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may exploit this issue to...
OneWorldStore - 'OWListProduct.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13185/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...
PHPBB2 Plus 1.5 - GroupCP.php Cross-Site Scripting
PHPBB2 Plus 1.5 - GroupCP.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13149/info phpBB2 Plus is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue ...
PHPBB2 Plus 1.5 - index.php Multiple Cross-Site Scripting Vulnerabilities
PHPBB2 Plus 1.5 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13150/info phpBB2 Plus is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...
PHPBB2 Plus 1.5 - 'Portal.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13151/info phpBB2 Plus is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute...
PHPBB2 Plus 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13150/info phpBB2 Plus is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute...
phpBB Photo Album Module 2.0.53 - 'Album_Comment.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13158/info Photo Album is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the brows...