MoinMoin 1.x - PageEditor.py Cross-Site Scripting

MoinMoin 1.x - PageEditor.py Cross-Site Scripting source: https://www.securityfocus.com/bid/40549/info MoinMoin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code...

Caucho Resin Professional 3.1.5 - resin-admindigest.php Multiple Cross-Site Scripting Vulnerabilities

Caucho Resin Professional 3.1.5 - resin-admindigest.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/40251/info Caucho Resin Professional is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize...

Advanced Poll 2.0 - 'mysql_host' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40045/info Advanced Poll is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...

Mini Web Server Cross Site Scripting and Directory Traversal Vulnerabilities

Mini Web Server is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the...

A XSS in User_ChkLogin.asp of PowerEasy 2006

PowerEasy is prone to an cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...

Microsoft Windows Media Player Codec Retrieval Dangling Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. The specific flaw exists within the functionality for...

PHPWind 6.0 Cross Site Scripting

I found the PHPWind v6.0 just filter the xss code when the visitors login in, but it doesnt do it when login off. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This flaw makes its all the parameters...

e-soft24 Article Directory Script - 'q' Cross-Site Scripting

source: https://www.securityfocus.com/bid/43343/info e-soft24 Article Directory Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

Multi Website 1.5 - 'search' HTML Injection

source: https://www.securityfocus.com/bid/43245/info Multi Website is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run i...

Programs Rating - 'postcomments.php?id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/35746/info Programs Rating Script is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Linksys WVC54GCA 1.00R221.00R24 (Wireless-G) - Multiple Cross-Site Scripting Vulnerabilities

Linksys WVC54GCA 1.00R221.00R24 Wireless-G - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/34714/info Linksys WVC54GCA Wireless-G Internet Home Monitoring Camera is prone to multiple cross-site scripting vulnerabilities because the software fails to...

JVN#91591874 PEAK XOOPS piCal cross-site scripting vulnerability

piCal from PEAK XOOPS is a calendar module with a scheduler for XOOPS. piCal contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the...

iPeGuestbook 1.7/2.0 - 'pg' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31911/info iPei Guestbook is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...

Quick Cart 3.1 - 'admin.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31216/info Quick.Cart is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

Horde Application Framework 3.2.1 - Forward Slash Insufficient Filtering Cross-Site Scripting

source: https://www.securityfocus.com/bid/31107/info Horde Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

CeleronDude Uploader 6.1 - 'account.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31010/info Celerondude Uploader is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...

OpenDB 1.0.6 - 'user_profile.php?redirect_url' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30989/info Open Media Collectors Database OpenDb is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser ...

RMSOFT MiniShop 1.0 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/30616/info RMSOFT MiniShop is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Claroline 1.8.9 - phpBBnewtopic.php Cross-Site Scripting

Claroline 1.8.9 - phpBBnewtopic.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage thes...

FaName 1.0 - page.php?name Cross-Site Scripting

FaName 1.0 - page.php?name Cross-Site Scripting source: https://www.securityfocus.com/bid/30019/info FaName is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code i...