Trend Micro Worry-Free Business Security and Worry-Free Business Security Services HTTP Header Injection Vulnerability

Trend Micro Worry-Free Business Security and Worry-Free Business Security Services are both antivirus programs from Trend Micro. An HTTP header injection vulnerability exists in Trend Micro Worry-Free Business Security version 9.0 and Worry-Free Business Security Services version 5.x, which can b...

SolarWinds Orion IP Address Manager (IPAM) 'search.aspx' Cross Site Scripting Vulnerability

CVE-2012-4939SolarWinds Orion IP Address Manager IPAM is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affect...

TikiWiki 1.9 tiki-lastchanges.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18143/info TikiWiki is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

phpCOIN 1.2 login.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/12686/info Multiple remote input-validation vulnerabilities affect phpCOIN because the application fails to properly sanitize user-supplied input before using it to carry out critical functionality. An attacker may levera...

IBM Maximo 4.1/ 5.2 'debug.jsp' HTML Injection And Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30180/info IBM Maximo is prone to multiple HTML-injection vulnerabilities and an information-disclosure vulnerability. An attacker may leverage these issues to obtain potentially sensitive information and to execute...

TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam

Exploit for hardware platform in category remote exploits TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow camera demo http://67.203.184.58:9193/admin/view.cgi?profile=0 username=guest password=guest...

ButorWiki 3.0 - 'service' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52059/info ButorWiki is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

AdaptCMS 2.0.1 - Cross-Site Scripting Information Disclosure

AdaptCMS 2.0.1 - Cross-Site Scripting Information Disclosure source: https://www.securityfocus.com/bid/49769/info AdaptCMS is prone to multiple cross-site scripting vulnerabilities and an information disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker m...

Multiple Vulnerabilities in Habari

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Habari which could be exploited to perform cross-site scripting attacks and gain potentially sensitive information. 1 Information disclosure weakness in Habari: CVE-2010-4608 The weakness was found in the...

Advanced Poll 2.0 - mysql_host Cross-Site Scripting

Advanced Poll 2.0 - mysqlhost Cross-Site Scripting source: https://www.securityfocus.com/bid/40045/info Advanced Poll is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

CuteNews 1.4.6 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that exploits for some of the issues may...

SpiceWorks - 'query' Cross-Site Scripting

source: https://www.securityfocus.com/bid/43248/info Spiceworks is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

PHP Scripts Now Hangman - 'index.php?n' SQL Injection

source: https://www.securityfocus.com/bid/43513/info TOPHangman is prone to an SQL-injection vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to compromise the application, access or modify data,...

Matterdaddy Market 1.x - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/35856/info Matterdaddy Market is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Cross-browser Code Execution via XSS

Hello 3APA3A! Recently I wrote about cross-browser Code Execution via XSS attack http://websecurity.com.ua/2638/. Earlier I wrote you about Code Execution via XSS in Internet Explorer http://securityvulns.ru/Udocument911.html. In this article I told about Code Execution attack via IE via Cross-Si...

Pre Classified Listings 1.0 - signup.asp Cross-Site Scripting

Pre Classified Listings 1.0 - signup.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/32567/info Pre Classified Listings is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...

Jetbox CMS 2.1 - liste Cross-Site Scripting

Jetbox CMS 2.1 - liste Cross-Site Scripting source: https://www.securityfocus.com/bid/31890/info Jetbox CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Chipmunk Blog - members.php Cross-Site Scripting

Chipmunk Blog - members.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29883/info Chipmunk Blog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary...

PaperThin CommonSpot Content Server 4.5 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/16071/info PaperThin CommonSpot Content Server is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

CubeCart 3.0.3 - cart.php?redir Cross-Site Scripting

CubeCart 3.0.3 - cart.php?redir Cross-Site Scripting source: https://www.securityfocus.com/bid/14962/info CubeCart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any...