11 matches found
mod_dav_svn, subversion security update
CentOS Errata and Security Advisory CESA-2015:0165 Updated subversion packages that fix two security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
AIOCP 1.3.x cp_links_search.php orderdir Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal...
Yogurt Social Network 3.2 rc1 Module for XOOPS friends.php uid Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30618/info Yogurt Social Network is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...
osCommerce 2.2 admin/currencies.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
S9Y Serendipity 1.5.5 - serendipity[filter][bp.ALT] Cross-Site Scripting
S9Y Serendipity 1.5.5 - serendipityfilterbp.ALT Cross-Site Scripting source: https://www.securityfocus.com/bid/50502/info Serendipity is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...
PHPB2B 4.1 - q Cross-Site Scripting
PHPB2B 4.1 - q Cross-Site Scripting source: https://www.securityfocus.com/bid/51221/info PHPB2B is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
FotoWeb 6.0 - 'Login.fwx?s' Cross-Site Scripting
source: https://www.securityfocus.com/bid/33677/info FotoWeb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the...
VeriSign Kontiki Delivery Management System 5.0 - 'action' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31580/info Kontiki Delivery Management System is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Helma 1.5.3 - Search Script Cross-Site Scripting
Helma 1.5.3 - Search Script Cross-Site Scripting source: https://www.securityfocus.com/bid/24880/info Helma is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...
Farsinews 2.5.3 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/17701/info FarsiNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the...
ADP Forum 2.0.x - 'Subject' HTML Injection
source: https://www.securityfocus.com/bid/17047/info ADP Forum is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of t...