CVE-2006-2479

The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site...

obotix IP Camera M1 1.9.4 .7M10 2.0.5.2 - help Script Cross-Site Scripting

obotix IP Camera M1 1.9.4 .7M10 2.0.5.2 - help Script Cross-Site Scripting source: https://www.securityfocus.com/bid/18022/info The Mobotix IP camera is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the device to properly sanitize user-supplied input...

W2B Online Banking - SID Cross-Site Scripting

W2B Online Banking - SID Cross-Site Scripting source: https://www.securityfocus.com/bid/17626/info W2B Online Banking is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue t...

SiteSearch Indexer 3.5 - 'searchresults.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17332/info SiteSearch Indexer is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

Claroline 1.x - 'rqmkhtml.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17344/info Claroline is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of...

Caloris Planitia Technologies School Management System 1.0 - Cross-Site Scripting

Caloris Planitia Technologies School Management System 1.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/17257/info Caloris Planitia Technologies School Management System is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to...

Contrexx CMS 1.0.x - index.php Cross-Site Scripting

Contrexx CMS 1.0.x - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17128/info Contrexx CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue t...

MyBloggie 2.1.22.1.3 - deluser.php Cross-Site Scripting

MyBloggie 2.1.22.1.3 - deluser.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

DCP-Portal 3.7/4.x/5.x/6.x - 'forums.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

AltantForum 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities

AltantForum 4.0.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15887/info AtlantForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...

SiteBeater News 4.0 - Archive.asp Cross-Site Scripting

SiteBeater News 4.0 - Archive.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15697/info SiteBeater News is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

Xerver 4.17 - Forced Directory Listing

Xerver 4.17 - Forced Directory Listing source: https://www.securityfocus.com/bid/15135/info Xerver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit a vulnerability to...

MySource 2.14 - upgrade_in_progress_backend.php?target_url Cross-Site Scripting

MySource 2.14 - upgradeinprogressbackend.php?targeturl Cross-Site Scripting source: https://www.securityfocus.com/bid/15132/info MySource is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...

PHP Advanced Transfer Manager 1.30 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/14887/info PHP Advanced Transfer Manager is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitra...

Jax PHP Scripts 1.01.342.143.31 - Guestbook File Client IP Disclosure

Jax PHP Scripts 1.01.342.143.31 - Guestbook File Client IP Disclosure source: https://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input...

Jax PHP Scripts 1.01.342.143.31 - guestbook_ips2block Banned IP List Disclosure

Jax PHP Scripts 1.01.342.143.31 - guestbookips2block Banned IP List Disclosure source: https://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-suppli...

Jax PHP Scripts 1.0/1.34/2.14/3.31 - suggestions.csv User IP Disclosure

source: https://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script...

Jax PHP Scripts 1.0/1.34/2.14/3.31 - logfile.csv User IP Disclosure

source: https://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script...

NetworkActiv Web Server 1.0/2.0/3.0/3.5 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/14473/info NetworkActiv Web Server is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in...

Clever Copy 2.0 - calendar.php Cross-Site Scripting

Clever Copy 2.0 - calendar.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14278/info A cross-site scripting vulnerability affects Clever Copy. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically...