128 matches found
Saxon 5.4 Menu.PHP Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/26237/info Saxon is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...
PECL Alternative PHP Cache Local 3 HTML Injection Vulnerability
source: http://www.securityfocus.com/bid/32934/info PECL Alternative PHP Cache is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied...
Adobe RoboHelp Frameset-7.HTML Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/23878/info RoboHelp is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Mailman 2.1.x Multiple Input Validation Vulnerabilities
source: http://www.securityfocus.com/bid/20021/info Mailman is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-input. These issues include multiple cross-site scripting vulnerabilities and a CRLF-injection...
Dredge School Administration System - DSMloader.php Cross-Site Request Forgery (Admin Account Manipulation)
source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site...
Dredge School Administration System - DSMloader.php?Id SQL Injection
source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site request forgery vulnerability 3. A...
Dredge School Administration System - DSMloader.php Account Information Disclosure
source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site request forgery...
Dredge School Administration System - '/DSM/loader.php?Id' SQL Injection
source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An information-disclosure...
Piwigo - admin.php Cross-Site Request Forgery (User Creation)
source: https://www.securityfocus.com/bid/64357/info Piwigo is prone to cross-site request-forgery and HTML-injection vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain unauthorized actions, execute...
Piwigo - 'admin.php' Cross-Site Request Forgery (User Creation)
source: https://www.securityfocus.com/bid/64357/info Piwigo is prone to cross-site request-forgery and HTML-injection vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain unauthorized actions, execute arbitrary script or HTML code within the context of the...
AlgoSec Firewall Analyzer - Cross-Site Scripting
source: https://www.securityfocus.com/bid/61733/info AlgoSec Firewall Analyzer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...
WordPress Trafficanalyzer Plugin XSS Vulnerability
WordPress Trafficanalyzer Plugin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...
WordPress ADIF Log Search Widget Plugin - Cross Site Scripting
WordPress ADIF Log Search Widget plugin's "logbooksearch.php" is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way the attacker c...
Matterdaddy Market - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/60150/info Matterdaddy Market is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script code, upload arbitrary files, steal...
Jojo CMS - 'search' Cross-Site Scripting
source: https://www.securityfocus.com/bid/59933/info Jojo CMS is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal...
Cisco Video Surveillance Operations Manager - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/58476/info Cisco Video Surveillance Operations Manager is prone to multiple security vulnerabilities, including: 1. Multiple local file-include vulnerabilities 2. A security-bypass vulnerability 3. Multiple cross-site scripting vulnerabilities An attacker...
WordPress Theme Pinboard - 'tab' Cross-Site Scripting
source: https://www.securityfocus.com/bid/57873/info The Pinboard theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
TinyBrowser - 'edit.php' Directory Listing
source: https://www.securityfocus.com/bid/57230/info TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
WordPress Plugin NextGEN Gallery - 'test-head' Cross-Site Scripting
source: https://www.securityfocus.com/bid/57200/info The NextGEN Gallery plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Amateur Photographers Image Gallery - plist.php?albumid SQL Injection
source: https://www.securityfocus.com/bid/56110/info Amateur Photographer's Image Gallery is prone to multiple SQL injection vulnerabilities, a cross-site scripting vulnerability, and an arbitrary file-disclosure vulnerability...