4774 matches found
AN HTTPD 1.41 e Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6529/info AN HTTPD does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will be executed i...
AlmondSoft Multiple Classifieds Products index.php replid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/35816/info AlmondSoft Almond Classifieds is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...
CartWIZ 1.10 Login.ASP Redirect Argument Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13340/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
JBC Explorer 7.20 'arbre.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37423/info JBC Explorer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
frog cms 0.9.5 - Multiple Vulnerabilities
No description provided by source. Vulnerability ID: HTB22685 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinfrogcms.html Product: Frog CMS Vendor: Philippe Archambault http://www.madebyfrog.com/ Vulnerable Version: 0.9.5 and probably prior versions Vendor Notification: 09 November 2010...
Claroline 1.5/1.6 userInfo.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...
Php-Stats 0.1.9.2 Tracking.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25674/info Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
efiction 1.0/1.1/2.0 viewuser.php uid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15568/info eFiction is prone to SQL injection, remote file upload, and cross site scripting vulnerabilities. These vulnerabilities may allow an attacker to view and modify sensitive information, gain unauthorized access,...
Banshee 1.4.2 DAAP Extension 'apps/web/vs_diag.cgi' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34507/info Banshee DAAP Extension is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
QwikiWiki 1.4/1.5 recentchanges.php help Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17064/info QwikiWiki is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
V-webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16706/info V-webmail is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script...
Monkey HTTP Server 0.1/0.4/0.5 - Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/5829/exploit Monkey HTTP server is prone to cross site scripting vulnerabilities. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link. Attacker-supplied HTML and script code may...
Datalife Engine CMS 7.2 'admin.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31335/info Datalife Engine CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
One-News Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30804/info One-News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple HTML-injection issues. The vulnerabilities occur because the application fails to sufficiently...
Xtreme ASP Photo Gallery 2.0 displaypic.asp sortorder Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21138/info Xtreme ASP Photo Gallery is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues and an HTML-injection issue because the application fails to properly...
Absolute News Manager .NET 5.1 xlaabsolutenm.aspx rmore Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...
Uebimiau 2.7.x Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25912/info UebiMiau is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks o...
NextAge Shopping Cart Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17685/info NextAge Shopping Cart is prone to multiple HTML-injection vulnerabilities; the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML...
Phorum 5.2 admin/badwords.php curr Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...
timobraun Dynamic Galerie 1.0 index.php pfad Variable Arbitrary Directory Listing
No description provided by source. source: http://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attack...