321 matches found
timobraun Dynamic Galerie 1.0 galerie.php pfad Variable Arbitrary Directory Listing
No description provided by source. source: http://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attack...
PHPPost 1.0 profile.php user Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15524/info PHP-Post is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...
Plague News System 0.7 CID Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14137/info Plague News System is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'index.php' script. An attacker may leverag...
OZJournals 1.5 - Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19311/info OZJournal is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary HTML and script...
energine 2.3.8 - Multiple Vulnerabilities
No description provided by source. Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection Status:...
Oracle e-Business Suite - Multiple Vulnerabilities
No description provided by source. Oracle E-Business Suite is prone to multiple authentication-bypass and HTML-injection vulnerabilities. Attackers could exploit these issues to steal cookie-based authentication credentials, perform unauthorized actions, or bypass certain security restrictions...
Thomson SpeedTouch 500 Series LocalNetwork Page name Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16839/info The SpeedTouch 500 series are prone to a cross-site scripting vulnerability. This issue is due to a failure in the devices to properly sanitize user-supplied input. An attacker may leverage this issue to have...
DBHcms 1.1.4 (dbhcms_user and searchString) - SQL Injection Vulnerability
No description provided by source. Vulnerability ID: HTB22651 Reference: http://www.htbridge.ch/advisory/sqlinjectionindbhcms.html Product: DBHcms Vendor: drbenhur.com http://www.drbenhur.com/ Vulnerable Version: 1.1.4 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability...
WordPress 2.3.2 - wp-admin/invites.php to Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28139/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...
Vanilla 1.1.4 HTML Injection and Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30748/info Vanilla is prone to multiple HTML-injection vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection Vulnerability
No description provided by source. Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to...
Pinnacle Cart Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13138/info Pinnacle Cart is affected by a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
Flyspray 0.9.9 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26891/info Flyspray is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browse...
Tutos 1.1 File_Select.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8011/info It has been reported that Tutos does not properly handle input to the fileselect script. Because of this, an attacker may be able to execute code in the browser of another user with the privileges of the...
Contenido CMS 4.8.12 XSS Vulnerabilities
No description provided by source. Vulnerability ID: HTB22635 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincontenidocms.html Product: Contenido CMS Vendor: four for business AG http://www.contenido.org/ Vulnerable Version: 4.8.12 and Probably Prior Versions Vendor Notification: 29...
JGS-Gallery 4.0 Board jgs_galerie_scroll.php userid Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary scrip...
VBZooM Forum 1.11 contact.php UserID Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16956/info VBZooM Forum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issue...
RedCMS 0.1 profile.php u Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to HTML-injection and...
WebGlimpse 2.x Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15916/info WebGlimpse is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
SiteEnable 3.3 Login.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16009/info SiteEnable is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...