EasyDynamicPages 3.0 Multiple SQL Injection and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30305/info EasyDynamicPages is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploitin...

iSupport 1.8 index.php which Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/37380/info iDevSpot iSupport is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input An attacker may leverage these issues to execute arbitrary...

IBM Lotus Domino 7.0.2 'readme.nsf' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38481/info IBM Lotus Domino is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...

Simple PHP Blog 0.4 preview_cgi.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...

Apache Tomcat 3.2.1 - 404 Error Page Cross Site Scripting Vulnerability

No description provided by source. Apache Tomcat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

Apache Tomcat <= 5.5.15 Cal2.JSP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25531/info Apache Tomcat is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

PostNuke 0.723 Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/7898/info The PostNuke 'modules.php' script does not sufficiently sanitize data supplied via URI parameters, making it prone to cross-site scripting attacks. This could allow for execution of hostile HTML and script code ...

PHP Live! 3.2.2 setup/transcripts.php search_string Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21737/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

VP-ASP Shopping Cart 6.50 ShopContent.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24033/info VP-ASP Shopping Cart is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

Mambo MOStlyCE 2.4 Module - 'connector.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27470/info The MOStlyCE module for Mambo is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Linksys Web Camera Software 2.10 Next_file Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10533/info It is reported that Linksys Web Camera software is prone to a cross-site scripting vulnerability that may allow a remote attacker to steal cookie-based authentication credentials or carry out other attacks. The...

mcGallery 1.1 - show.php lang Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

mcGallery 1.1 - resize.php lang Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

VBulletin <= 3.7.1 - admincp/faq.php Injection adminlog.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/30134/info vBulletin is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...

ExpressionEngine 1.2.1 HTTP Response Splitting and Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27128/info ExpressionEngine is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

Nortel Networks SRG V16 admin_modules.php module Parameter Traversal Local File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to execu...

SamTodo 1.1 - 'tid' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29568/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29191/info Cisco BBSM Building Broadband Service Manager is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

EsContacts 1.0 - contacts.php msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...

Koobi 5.0 BBCode URL Tag Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16078/info Koobi is prone to a script injection vulnerability. An attacker can nest BBCode URL tags to trigger this issue and execute arbitrary code in a user's browser. Attacker-supplied HTML and script code would be abl...