4774 matches found
VisualShapers EzContents 2.0.3 Loginreq2.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19780/info ezContents is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this issue to have arbitrary script code...
KMMail 1.0 E-Mail HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6013/info kmMail does not sufficiently sanitize HTML and script code from the body of e-mail messages. As a result, an attacker may send a malicious message to a user of kmMail that includes arbitrary HTML and script code...
Captaris Infinite WebMail 3.61.5 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6411/info An HTML injection vulnerability has been discovered in Captaris Infinite WebMail. Due to insufficient sanitization of HTML content, it is possible for an attacker to embed malicious script code into HTML email...
Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/main.asp date Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to...
Cherokee 0.1.x/0.2.x/0.4.x Error Page Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9496/info Cherokee has been reported to contain a cross-site scripting vulnerability via error pages. An attacker can exploit this issue by crafting a URI link containing the malevolent HTML or script code, and enticing a...
SearchSimon Lite 1.0 Filename.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26142/info SearchSimon Lite is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...
Sun Java System Messenger Express 6.1-13-15 - 'sid' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28649/info Sun Java System Messenger Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...
MyBoard 1.0.12 - 'rep.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28823/info MyBoard is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
TuttoPHP Morris Guestbook 'view.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36415/info Morris Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...
Zen Cart 2008 - index.php keyword Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29020/info Zen Cart is prone to a cross-site scripting vulnerability and an SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an...
Pilot Group eTraining courses_login.php cat_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...
EVA-Web 2.1.2 rubrique.php3 date Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18161/info EVA-Web is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
EVA-Web 2.1.2 index.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18161/info EVA-Web is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
DirectAdmin 1.28/1.29 CMD_TICKET type Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
Astaro Security Linux 5 'index.fpl' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38893/info Astaro Security Linux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
IDevSpot BizDirectory 2.04 - 'page' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30980/info IDevSpot BizDirectory is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
Tyger Bug Tracking System 1.1.3 Login.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22799/info Tyger Bug Tracking System is prone to multiple input-validation vulnerabilities, including one SQL-injection issue and two cross-site scripting issues, because the application fails to sufficiently sanitize...
Qualiteam X-Cart 4.0.8 help.php section Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remot...
Calendar Express 2.2 Search.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14505/info Calendar Express is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...
Extreme Corporate 6.0 Extremesearch.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15675/info Extreme Search Corporate Edition is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue...