4774 matches found
PHPX 3.5.9 XCode Tag HTML Injection Vulnerability
source: http://www.securityfocus.com/bid/16799/info PHPX is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
PHP Hosting Biller 1.0 Index.PHP Cross Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/24517/info Php Hosting Biller is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting...
K2News Management 1.3 Ratings.PHP Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/19994/info k2News Management is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal cookie-based authenticatio...
OpenDocMan 1.2.5 user.php XSS
source: http://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...
Pinnacle Cart 3.3 Index.PHP Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/17794/info Pinnacle Cart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Mephisto Blog 0.7.3 Search Function Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/23141/info Mephisto Blog is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Maian Uploader 4.0 - admin/inc/header.php Multiple Parameter XSS
source: http://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in t...
Tritanium Bulletin Board 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities
source: http://www.securityfocus.com/bid/17473/info Tritanium Bulletin Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these...
CartWIZ 1.10 Login.ASP Message Argument Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/13341/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
Bitweaver 1.1/1.2 Title Field HTML Injection Vulnerability
source: http://www.securityfocus.com/bid/16973/info The bitweaver application is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...
Atlant Pro 8.0.9 Cross-Site Scripting Vulnerabilities
source: http://www.securityfocus.com/bid/15886/info Atlant Pro is prone to cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrar...
Verity K2 Toolkit 2.20 Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/8073/info It has been reported that Verity K2 Toolkit does not sufficiently filter user-supplied search parameters. As a result of this reported deficiency, it may be possible for a remote attacker to create a malicious...
Geeklog 1.4 - Multiple Input Validation Vulnerabilities
source: http://www.securityfocus.com/bid/18154/info Geeklog is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitiz...
Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities
source: http://www.securityfocus.com/bid/13910/info Multiple input validation vulnerabilities reportedly affect Invision Community Blog. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out...
NetworkActiv Web Server 1.0/2.0/3.0/3.5 Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/14473/info NetworkActiv Web Server is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
BEA WebLogic Server 8.1 And WebLogic Express Administration Console Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/13400/info A remote cross-site scripting vulnerability affects BEA WebLogic Server and WebLogic Express administration console. This issue is due to a failure of the application to properly sanitize user-supplied input...
INFINICART browsesubcat.asp Multiple Parameter SQL Injection
source: http://www.securityfocus.com/bid/21043/info Infinicart is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit ...
DirectAdmin 1.28/1.29 CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
source: http://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
PHPGroupWare 0.9.x Index.PHP HTML Injection Vulnerability
source: http://www.securityfocus.com/bid/12082/info PhpGroupWare is reported to be susceptible to a HTML injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input. The attacker-supplied HTML and script code...
osCommerce 2.2 admin/newsletters.php page Parameter XSS
source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...