Mandriva Update for desktop-common-data MDKA-2007:042 (desktop-common-data)

Check for the Version of desktop-common-data OpenVAS Vulnerability Test Mandriva Update for desktop-common-data MDKA-2007:042 desktop-common-data Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Oracle WebLogic Server vulnerable to cross-site scripting

Overview Oracle WebLogic Server formerly BEA WebLogic Server contains a cross-site scripting vulnerability. Oracle WebLogic Server is an application server based on Java Platform Enterprise Edition 5 JavaEE5. Oracle WebLogic Server contains a cross-site scripting vulnerability. Daiki Fukumori of...

Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities

Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/30542/info Pluck is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

Hyper NIKKI System cross-site scripting vulnerability

Overview Hyper NIKKI System hns, web log software from the Hyper NIKKI System Project, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly conduct session...

MitakeSearch cross-site scripting vulnerability

Overview MitakeSearch, a fulltext search system from Hewlett-Packard Japan, contains a cross-site scripting vulnerability due to improper validation of input character strings in the ranking CGI script file, ranking.pl. Impact A malicious script may be executed on the user's web browser. Solution...

CGI RESCUE WebFORM vulnerable to cross-site scripting

Overview WebFORM, released from CGI RESCUE, is a CGI script written in perl that allows a user to send email messages via a HTML form. WebFORM contains a cross-site scripting vulnerability. Impact An abitrary script may be executed on the user's web browser. Solution None...

Nagios cross-site scripting vulnerability

Overview Nagios from Nagios.org contains a cross-site scripting vulnerability. Nagios from Nagios.org is software that monitors network services, hosts, and other resources. Nagios contains a cross-site scripting vulnerability. Impact An arbitrary script can be executed on the user's web browser...

Cybozu Office browser script execution vulnerability

Overview The HTML-mail compliant web mail function of Cybozu Office contains a vulnerability that may allow an attacker to execute browser script. Impact If a Cybozu Office user logs into the system and opens an email containing exploit code sent by a remote attacker using the web mail function,...

BBSNote cross-site scripting vulnerability

Overview BBSNote, CGI bulletin board script, contains a cross-site scripting vulnerability due to improper handling of CGI arguments. Impact A malicious script may be executed on the user's web browser. Solution None...

security flaw

browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting XSS attacks by opening a blocked popup originating from a javascript: URI in...

BandSite CMS 1.1 - help_merch.php Cross-Site Scripting

BandSite CMS 1.1 - helpmerch.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access...

BandSite CMS 1.1 - login_header.php Cross-Site Scripting

BandSite CMS 1.1 - loginheader.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to acces...

liberoXSS.txt

--Security Report-- Advisory: libero.it XSS vulnerability - HTML injection --- Author: Davide Denicolo --- Date: 28/04/06 --- Contact: davidesecurityinfos.com --- Vendor: ItaliaOnLine S.r.l http://www.libero.it Service: Web Level: Low --- Description: Libero.it is a Web portal of big Italian ISP:...

axoverzicht.CGI - Cross-Site Scripting

source: https://www.securityfocus.com/bid/17584/info The axoverzicht.cgi script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting...