4774 matches found
aoblogger 2.3 login.php username Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/16286/info AOblogger is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...
PHP MicroCMS 1.0.1 CSRF and XSS Vulnerabilities
No description provided by source. Vulnerability ID: HTB22765 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphpmicrocms.html Product: PHP MicroCMS Vendor: ApPHP http://www.apphp.com/ Vulnerable Version: 1.0.1 and probably prior versions Vendor Notification: 21 December 2010 Vulnerability...
amfphp 1.2 - browser/methodTable.php class Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28789/info Amfphp is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browser of...
OSCommerce 2.2 Contact_us.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12568/info A vulnerability is reported to exist in osCommerce that may allow a remote user to launch cross-site scripting attacks. This issue could permit a remote attacker to create a malicious URI link that includes...
PhpGedView 2.5/2.6 Individual.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11882/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...
DVBBS 7.1 ShowErr.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14223/info Dvbbs is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
Thwboard Beta 2.8 misc.php userid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of proper sanitization of...
Asn Guestbook 1.5 - header.php version Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14356/info Asn Guestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issu...
Qualiteam X-Cart 4.0.8 orders.php mode Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remot...
Powie PForum 1.1x Username Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4165/info Powie PForum is web forum software, written in PHP and back-ended by MySQL. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. PForum is prone to cross-site scripting...
Habari 0.5.1 'habari_username' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31794/info Habari is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of...
PHP-Nuke 6.x/7.x Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12561/info It is reported that PHP-Nuke is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could...
VirtuaSystems VirtuaNews 1.0.x Multiple Module Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9812/info It has been reported that the VirtuaNews non-default modules 'Files' and 'Vulns' are prone to multiple cross-site scripting vulnerabilities. These problems surround the application's failure to properly validate...
JFFNMS 0.8.3 admin/setup.php Direct Request Authentication Bypass
No description provided by source. source: http://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System JFFNMS is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure...
Vastal I-Tech DVD Zone view_mag.php mag_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/36487/info DVD Zone is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to stea...
e107 Website System 0.6 Nested BBCode URL Tag Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14301/info e107 Website System is prone to a script injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...
Interspire TrackPoint NX Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16214/info TrackPoint NX is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Claroline 1.x admin/campusProblem.php view Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in the context of the application...
MusicBox 2.3 index.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17149/info MusicBox is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly saniti...
Open Solution Quick.Cart 0.3 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13599/info Quick.Cart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...