128 matches found
PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass
source: https://www.securityfocus.com/bid/37553/info Conkurent PHPMyCart is prone to a cross-site scripting vulnerability and an authentication-bypass vulnerability. An attacker may leverage these issues to gain unauthorized access to the affected application and execute arbitrary script code in...
PHP 5.2.11 - 'htmlspecialCharacters()' Malformed Multibyte Character Cross-Site Scripting (2)
source: https://www.securityfocus.com/bid/37389/info PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Oracle E-Business Suite Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ======================================================= Oracle E-Business Suite Multiple Remote Vulnerabilities ======================================================= Oracle E-Business Suite is prone to multiple authentication-bypass and...
phpMyFAQ <= 2.5.4 Multiple Unspecified XSS Vulnerabilities
phpMyFAQ is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
PHP Easy Shopping Cart 3.1R - 'subitems.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/44142/info PHP Easy Shopping Cart is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...
CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability
CommuniGate Pro is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
ViArt Shop 3.5 - 'manuals_search.php?manuals_search' Cross-Site Scripting
source: https://www.securityfocus.com/bid/33043/info ViArt Shop is prone to multiple remote vulnerabilities: - Multiple cross-site scripting vulnerabilities - An information-disclosure vulnerability - An authentication-bypass vulnerability An attacker can exploit these issues to execute arbitrary...
NPDS < 08.06 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/33051/info NPDS is prone to multiple input-validation vulnerabilities: - Multiple local file-include vulnerabilities - An HTML-injection vulnerability - Multiple SQL-injection vulnerabilities - Multiple cross-site scripting vulnerabilities Exploiting thes...
Pre ASP Job Board - 'emp_login.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/32572/info Pre ASP Job Board is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Smart Survey 1.0 - surveyresults.asp Cross-Site Scripting
Smart Survey 1.0 - surveyresults.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/30841/info Smart Survey is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
Jack (tR) Jax LinkLists 1.00 - jax_linklists.php Cross-Site Scripting
Jack tR Jax LinkLists 1.00 - jaxlinklists.php Cross-Site Scripting source: https://www.securityfocus.com/bid/28518/info Jax LinkLists is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...
BlackBoard Academic Suite 6/7 - '/webapps/BlackBoard/execute/viewCatalog?searchText' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28455/info Blackboard Academic Suite is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of...
F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27462/info F5 BIG-IP Application Security Manager is prone to a cross-site scripting vulnerability because the web management interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
MilliScripts - 'dir.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27078/info MilliScripts is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
bcoos 1.0.10 - ratephoto.php SQL Injection
bcoos 1.0.10 - ratephoto.php SQL Injection source: https://www.securityfocus.com/bid/26629/info The 'bcoos' program is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data...
Helios Calendar 1.1/1.2 - 'admin/index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/26312/info Helios Calendar is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a user's browser session in the...
Alstrasoft Sms Text Messaging Enterprise 2.0 - adminedituser.php?userid Cross-Site Scripting
Alstrasoft Sms Text Messaging Enterprise 2.0 - adminedituser.php?userid Cross-Site Scripting source: https://www.securityfocus.com/bid/25022/info SMS Text Messaging Enterprise is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplie...
OpManager 67 - traceRoute.do?name Cross-Site Scripting
OpManager 67 - traceRoute.do?name Cross-Site Scripting source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...
Fullaspsite ASP Hosting Site - 'listmain.asp?cat' SQL Injection
source: https://www.securityfocus.com/bid/22545/info Fullaspsite Shop is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. A successful exploit of these...
AnnonceScriptHP 2.0 - '/Templates/admin.dwt.php?email' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21514/info AnnonceScriptHP is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to ste...