61 matches found
HTML Injection Vulnerability in Multiple Pivotal Products
Pivotal Cloud Foundry is an open source Platform-as-a-Service PaaS cloud computing platform from Pivotal Software that provides container scheduling, continuous delivery, and automated service deployment.Pivotal Elastic Runtime is one of Pivotal Cloud Foundry's runtime environments. UAA User...
Drupal Camtasia Relay Module Cross-Site Scripting Vulnerability
Drupal is an open source content management framework written in the PHP language. A cross-site scripting vulnerability exists in the Drupal Camtasia Relay Module, which can be exploited by an attacker to execute arbitrary script code in a browser to steal cookie-based authentication credentials...
Amazon App Store Cross-Site Scripting Vulnerability
The Amazon App Store is a set of application stores from Amazon.com, Inc. in the United States. A cross-site scripting vulnerability exists in Amazon App Store. An attacker can exploit the vulnerability to execute arbitrary script code in the browser of a trusted user in the context of the affect...
Fortinet FortiOS HTML Injection Vulnerability
Fortinet FortiOS is a set of security operating system developed by the U.S. company Fita Fortinet dedicated to the FortiGate platform, which provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering, anti-spam and other security features. An HTML injection vulnerability exist...
Caucho Resin 2.0/2.1 - Multiple HTML Injection and Cross-site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/8852/info It has been reported that Caucho Resin is prone to multiple HTML Injection and cross-site scripting vulnerabilities in various scripts that may allow a remote attacker to cause hostile HTML or script code to be...
WebCalendar 0.9.x colors.php color XSS
No description provided by source. source: http://www.securityfocus.com/bid/8539/info It has been reported that WebCalendar is prone to multiple cross-site scripting vulnerabilites in various modules. The issues exist in includes/js/colors.php, week.php, day.php, month.php, weekdetails.php,...
aWebNews 1.2 visview.php _GET['cid'] Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17352/info aWebBB is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...
Eudora WorldMail 2.0 Search Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8403/info It has been reported that a cross-site scripting issue exists in the search utility of the software. It is possible that an attacker may create a malicious link containing script code that could be executed in a...
eNdonesia 8.2/8.3 Mod Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8506/info It has been reported that eNdonesia is prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a victim's browser. The issue reportedly exists in the...
Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9768/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to insufficient sanitization of input supplied via the 'c', 'f', , 'showuser', and 'username' URI parameters...
MDaemon WorldClient < 10.0.2 Script Injection
Binary data 4765.prm...
GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting Arbitrary File Upload
GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting Arbitrary File Upload source: https://www.securityfocus.com/bid/29849/info GL-SH Deaf Forum is prone to a cross-site scripting vulnerability and an arbitrary-file-upload vulnerability because it fails to properly sanitize user-supplied input. An...
EsContacts 1.0 - search.php?msg Cross-Site Scripting
EsContacts 1.0 - search.php?msg Cross-Site Scripting source: https://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script...
CuteNews 1.4.5 - show_news.php Cross-Site Scripting
CuteNews 1.4.5 - shownews.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An...
SAP Internet Transaction Server 6.106.20 - Cross-Site Scripting
SAP Internet Transaction Server 6.106.20 - Cross-Site Scripting source: https://www.securityfocus.com/bid/20244/info SAP Internet Transaction Server ITS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue would allow...
SAP Internet Transaction Server 6.10/6.20 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/20244/info SAP Internet Transaction Server ITS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue would allow an attacker to steal cookie-based credentials and to launch oth...
AckerTodo 4.0 - index.php Cross-Site Scripting
AckerTodo 4.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/19894/info AckerTodo is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue would allow an attacker to steal cookie-based...
MyMail 1.0 - login.php Cross-Site Scripting
MyMail 1.0 - login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18656/info MyMail is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...
Mantis Bug Tracker 0.x/1.0 - 'View_filters_page.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15842/info Mantis is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...
Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities
Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting vulnerabilities because the software fails to properly sanitize user-supplied data. Exploits will allow arbitrary HTML and script code to run in a victim's browser, allowing the attacker to steal cookie-based credentials a...