71 matches found
Douran Portal 3.9.7.55 - Arbitrary File Upload / Cross-Site Scripting
source: https://www.securityfocus.com/bid/44594/info Douran Portal is prone to an arbitrary-file-upload vulnerability and a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to upload and execute...
Jira Cross Site Scripting and Information Disclosure Vulnerabilities
Atlassian JIRA is prone to multiple cross-site scripting vulnerabilities and an information disclosure vulnerability.
SocialABC NetworX 1.0.3 - Arbitrary File Upload / Cross-Site Scripting
source: https://www.securityfocus.com/bid/41396/info SocialABC NetworX is prone to an arbitrary file-upload vulnerability and a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to steal cookie-based...
SocialABC NetworX 1.0.3 - Arbitrary File Upload Cross-Site Scripting
source: https://www.securityfocus.com/bid/41396/info SocialABC NetworX is prone to an arbitrary file-upload vulnerability and a cross-site scripting vulnerability because the application fails to sufficiently sanitize...
eliteCMS multiple Vulnerabilities
eliteCMS is prone to a vulnerability that lets attackers upload and execute arbitrary PHP code. The application is also prone to a cross-site scripting issue and to a SQL Injection Vulnerability. These issues occur because the application fails to sufficiently sanitize user-supplied input...
CVE-2007-5289
HP Mercury Quality Center QC 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture OTA API, as...
interspireXSS.txt
I. Vulnerability: Interspire TrackPoint NX Cross Site Scripting Vulnerability. II. Vendor: Interspire, www.interspire.com. III. Affected Systems: Interspire TrackPoint NX 0.1. IV. About: TrackPoint is a web based sales tracking software. V. Description: An attacker is able to inject HTML and client-side scri...
Google Desktop Search - Cross-Site Scripting
source: https://www.securityfocus.com/bid/11541/info Google Desktop Search is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize HTML tag content. An attacker may leverage...
PhpBB HTTP Response Splitting & Cross Site Scripting vulnerabilities
Security Advisory: PhpBB HTTP Respon...
Multiple XSS vulnerabilities in Microsoft SharePoint Portal Server 2001
Security Advisory: Multiple XSS vulnerabilities in Microsoft SharePoint Portal Server 2001 -- Author: Ory Segal, Sanctum inc. http://www.SanctumInc.com -- Release Date: April 5th, 2004 -- Product: Microsoft SharePoint Portal Server 2001 -- Severity: High -- CVE: CAN-2004-0379 -- Description...
cPanel Malicious HTML Tags Injection Vulnerability
cPanel Malicious HTML Tags Injection Vulnerability -- Author: Ory Segal, Sanctum inc. http://www.SanctumInc.com -- Discovery Date:...