Unijimpe Captcha - captchademo.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/53585/info The Unijimpe Captcha is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
Project Open Cross Site Scripting
Vulnerability Title: Project Open po - "account-closed.tcl" Reflective Cross Site Scripting Author: Michail Poultsakis Date of Vendor and CERT Contact: 2011.12.08 Publication Date: 2012.02.02 Product Link: http://www.project-open.com Affected Product Version: 3.4.x Project Open po version 3.4.x...
JVN#76515037: PukiWiki Plus! vulnerable to cross-site scripting
PukiWiki Plus! is a software that adds wiki functionality to websites. PukiWiki Plus! contains a vulnerability in handling web form entries, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the...
Manx Multiple Cross Site Scripting and Directory Traversal Vulnerabilities
Manx is prone to multiple cross-site scripting and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
phpAlbum Multiple Security Vulnerabilities
phpAlbum is prone to an arbitrary-file-download vulnerability, multiple cross-site scripting vulnerabilities, and multiple PHP code-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to execute arbitrary script code in the...
SilverStripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/50063/info SilverStripe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure
source: https://www.securityfocus.com/bid/49769/info AdaptCMS is prone to multiple cross-site scripting vulnerabilities and an information disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain potentially sensitive...
PunBB 1.3.5 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/49660/info PunBB is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
HESK Multiple Cross Site Scripting Vulnerabilities
HESK is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. OpenVAS Vulnerability Test $Id: gbhesk49008.nasl 7006 2017-08-25 11:51:20Z teissa $ HESK Multiple Cross Site Scripting Vulnerabilities Authors: Michael Meyer Copyright:...
PHPJunkYard GBook 1.61.7 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/48905/info PHPJunkYard GBook is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these...
ZDI-11-200: Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-200 June 14, 2011 -- CVE ID: CVE-2011-2121 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Play...
Design/Logic Flaw
GNOME Display Manager gdm before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type...
CVE-2011-1709
GNOME Display Manager gdm before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type...
YaCOMAS 0.3.6 OpenCMS - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/47089/info YaCOMAS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
phpShop 0.8.1 - page Cross-Site Scripting
source: https://www.securityfocus.com/bid/46561/info phpShop is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary HTML and script code in th...
BlogCFC 5.9.6.001 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/45395/info BlogCFC is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
Micro CMS 1.0 - name HTML Injection (2)
Micro CMS 1.0 - name HTML Injection 2 source: https://www.securityfocus.com/bid/44300/info Micro CMS is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (2)
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities 2 source: https://www.securityfocus.com/bid/41973/info Portili Personal and Team Wiki are prone to multiple security vulnerabilities. These vulnerabilities include a cross-site scripting vulnerability, an arbitrary-file-upload...
Mollify <= 1.6 XSS Vulnerability
Mollify is prone to a cross-site scripting (XSS) vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
Cisco Wireless Control System XSS
Product Name: Cisco Wireless Control System Vendor: http://www.cisco.com Date: 4 August, 2010 Author: [email protected] [email protected] Original URL: http://www.tomneaves.com/CiscoWirelessControlSystemXSS.txt Discovered: 8 July, 2010 Disclosed: 4 August, 2010 I. DESCRIPTION The Cisco Wireless...