264 matches found
Winged Gallery 1.0 - Thumb.php Cross-Site Scripting
Winged Gallery 1.0 - Thumb.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18629/info Winged Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue...
obotix IP Camera M1 1.9.4 .7M10 2.0.5.2 - events.tar?source_ip Cross-Site Scripting
obotix IP Camera M1 1.9.4 .7M10 2.0.5.2 - events.tar?sourceip Cross-Site Scripting source: https://www.securityfocus.com/bid/18022/info The Mobotix IP camera is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the device to properly sanitize user-suppli...
Windows Cursor and Icon handling vulnerability
Added: 04/27/2006 CVE: CVE-2004-1049 BID: 12233 OSVDB: 12842 Background The LoadImage API in Microsoft Windows provides functions for loading cursors, animated cursors, and icons. Problem An integer overflow in the LoadImage API allows command execution when a user opens a specially crafted curso...
Windows Cursor and Icon handling vulnerability
Added: 04/27/2006 CVE: CVE-2004-1049 BID: 12233 OSVDB: 12842 Background The LoadImage API in Microsoft Windows provides functions for loading cursors, animated cursors, and icons. Problem An integer overflow in the LoadImage API allows command execution when a user opens a specially crafted curso...
Windows Cursor and Icon handling vulnerability
Added: 04/27/2006 CVE: CVE-2004-1049 BID: 12233 OSVDB: 12842 Background The LoadImage API in Microsoft Windows provides functions for loading cursors, animated cursors, and icons. Problem An integer overflow in the LoadImage API allows command execution when a user opens a specially crafted curso...
Instant Photo Gallery 1.0 - portfolio.php?cat_id Cross-Site Scripting
Instant Photo Gallery 1.0 - portfolio.php?catid Cross-Site Scripting source: https://www.securityfocus.com/bid/17696/info Instant Photo Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An...
CONTROLzx Hms 3.3.4 - 'shared_order.php?sharedPlanID' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17282/info CONTROLzx HMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed...
Invision Power Board (IP.Board) 2.0.4 - Search Action Multiple Cross-Site Scripting Vulnerabilities
Invision Power Board IP.Board 2.0.4 - Search Action Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17144/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly...
DCP-Portal 3.74.x5.x6.x - forums.php Multiple Cross-Site Scripting Vulnerabilities
DCP-Portal 3.74.x5.x6.x - forums.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...
Link Bank - 'Iframe.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17001/info Link Bank is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. An attacker may leverage this issu...
Game-Panel 2.6 - 'login.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16979/info Game-Panel is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. An attacker may leverage this iss...
myPHPNuke 1.8.8 - 'download.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16815/info MyPHPNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
Commercial Interactive Media SCOOP! 2.3 - prePurchaserRegistration.asp?Invalid Cross-Site Scripting
Commercial Interactive Media SCOOP! 2.3 - prePurchaserRegistration.asp?Invalid Cross-Site Scripting source: https://www.securityfocus.com/bid/16015/info Commercial Interactive Media SCOOP! is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the...
AbleDesign D-Man 3.0 - Title Cross-Site Scripting
AbleDesign D-Man 3.0 - Title Cross-Site Scripting source: https://www.securityfocus.com/bid/15993/info D-Man is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'title' parameter. An attacker may...
WebGlimpse 2.x - Cross-Site Scripting
WebGlimpse 2.x - Cross-Site Scripting source: https://www.securityfocus.com/bid/15916/info WebGlimpse is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Chipmunk Forum - 'quote.php?forumID' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15149/info Chipmunk products are prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...
IceWarp Web Mail 5.5.1 - calendar_d.html?createdataCX Cross-Site Scripting
IceWarp Web Mail 5.5.1 - calendard.html?createdataCX Cross-Site Scripting source: https://www.securityfocus.com/bid/14980/info IceWarp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...
ATutor 1.4.3 - browse.php?show_course Cross-Site Scripting
ATutor 1.4.3 - browse.php?showcourse Cross-Site Scripting source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...
ProfitCode Software PayProCart 3.0 - AdminShop ProMod Cross-Site Scripting
source: https://www.securityfocus.com/bid/13308/info PayProCart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...
Active Auction House - 'account.asp?ReturnURL' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13036/info Active Auction House is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...