PHPPost 1.0 profile.php user Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15524/info PHP-Post is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

Rae Media Real Estate Single Agent SQL Injection Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/45211/discuss Real Estate Single is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

Tutos 1.1 File_Select.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8011/info It has been reported that Tutos does not properly handle input to the fileselect script. Because of this, an attacker may be able to execute code in the browser of another user with the privileges of the...

Vanilla 1.1.4 HTML Injection and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30748/info Vanilla is prone to multiple HTML-injection vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

SquirrelMail 1.4.2 Address Add Plugin Add.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14973/info SquirrelMail Address Add Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary code in the...

WebGlimpse 2.x Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15916/info WebGlimpse is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

EVA-Web 2.1.2 index.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18161/info EVA-Web is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

osCommerce 2.2 admin/specials.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...

CyberShop Ultimate E-commerce Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16473/info CyberShop Ultimate E-commerce is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

BMForum 5.6 - index.php outpused Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29339/info BMForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

energine 2.3.8 - Multiple Vulnerabilities

No description provided by source. Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection Status:...

VBZooM Forum 1.11 contact.php UserID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16956/info VBZooM Forum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issue...

SiteEnable 3.3 Login.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16009/info SiteEnable is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

DBHcms 1.1.4 (dbhcms_user and searchString) - SQL Injection Vulnerability

No description provided by source. Vulnerability ID: HTB22651 Reference: http://www.htbridge.ch/advisory/sqlinjectionindbhcms.html Product: DBHcms Vendor: drbenhur.com http://www.drbenhur.com/ Vulnerable Version: 1.1.4 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability...

Contenido CMS 4.8.12 XSS Vulnerabilities

No description provided by source. Vulnerability ID: HTB22635 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincontenidocms.html Product: Contenido CMS Vendor: four for business AG http://www.contenido.org/ Vulnerable Version: 4.8.12 and Probably Prior Versions Vendor Notification: 29...

Commercial Interactive Media SCOOP! 2.3 articleZone.asp Invalid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16015/info Commercial Interactive Media SCOOP! is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Astaro Security Linux 5 'index.fpl' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38893/info Astaro Security Linux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Comersus Cart 7.0.7 comersus_customerAuthenticateForm.asp redirectUrl XSS

No description provided by source. source: http://www.securityfocus.com/bid/24562/info Comersus Cart is affected by multiple input validation vulnerabilities. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the...

Pinnacle Cart Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13138/info Pinnacle Cart is affected by a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

WordPress 2.3.2 - wp-admin/invites.php to Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28139/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...