43 matches found
WordPress AMP Toolbox 1.9.4 Cross Site Scripting
Class: Input Validation Error. Remote: Yes. Credit: Ricardo Sanchez. Vulnerable: AMP Toolbox Plugin 1.9.4. AMP Toolbox Plugin is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary scri...
AlienVault : DOM-Based XSS in www.alienvault.com
Summary: There is a DOM-Based XSS vulnerability in the 'usma-code' parameter in /products/usm-anywhere/free-trial/thank-you-approved . Description: The link...
WordPress 2.2 Request_URI Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24383/info WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
EasyGallery 1.17 EasyGallery.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17624/info EasyGallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Multiple WordPress WooThemes Themes - 'test.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/48110/info Multiple WordPress WooThemes Live Wire are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Dolibarr ERP/CRM 3.0 - Local File Inclusion / Cross-Site Scripting
source: https://www.securityfocus.com/bid/47542/info Dolibarr is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal...
Plogger 1.0 RC1 - gallery_name Cross-Site Scripting
source: https://www.securityfocus.com/bid/47329/info Plogger is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in th...
Spitfire 1.0.3x - 'cms_username' Cross-Site Scripting
source: https://www.securityfocus.com/bid/47077/info Spitfire is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...
NewsPortal 'post.php' Cross Site Scripting Vulnerability
NewsPortal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
Microsoft Windows Picture and Fax Viewer Library Vulnerability !
I. BACKGROUND The Windows Picture and Fax Viewer "shimgvw.dll" library is used by Windows Explorer to generate thumbnail previews for media files. II. DESCRIPTION Remote exploitation of a buffer overflow vulnerability in multiple...
XSS vulnerability in Diem
Vulnerability ID: HTB22459 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityindiem1.html Product: Diem Vendor: Diem team Vulnerable Version: 5.1.2 and Probably Prior Versions Vendor Notification: 29 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted...
WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/41548/info FireStats is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issue...
Apache Tomcat 3.2.1 - 404 Error Page Cross-Site Scripting
Apache Tomcat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Claroline 1.8.11 - '/claroline/linker/notfound.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/34883/info Claroline is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...
RazorCMS 0.3RC2 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/34566/info razorCMS is prone to a local information-disclosure vulnerability, a local access-validation vulnerability, a security-bypass vulnerability, and multiple cross-site-scripting vulnerabilities. Attackers...
Quick CMS Lite 2.1 - 'admin.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31210/info Quick.Cms.Lite is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
CPCommerce 1.1.0 - Cross-Site Scripting / Local File Inclusion
www.BugReport.ir AmnPardaz Security Research Team Title: cpCommerce Multiple Vulnerabilities Vendor: http://cpcommerce.cpradio.org Bugs: XSS, SQL Injection, Local File Inclusion Vulnerable Version: 1.1.0 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original...
Oracle Portal 10g - 'P_OldURL' Cross-Site Scripting
source: https://www.securityfocus.com/bid/22999/info Oracle Portal is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user i...
BandSite CMS 1.1 - 'pastshows_content.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive information, execute arbitrary server-side...
V3 Chat Instant Messenger - 'search.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...