4048 matches found
PHP Labs proFile Dir URI Variable Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13276/info PHP Labs proFile is prone to a cross-site scripting vulnerability. As a result, attackers may embed hostile HTML and script code in a malicious link to the affected application. If the link is followed, the cod...
Indexu 5.0/5.3 sendmail.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...
Indexu 5.0/5.3 search.php keyword Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...
Oracle Weblogic Server 10.3 'console-help.portal' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35673/info Oracle WebLogic Server is prone to a cross-site scripting vulnerability. An attacker with 'WLS Console Package' privileges can exploit this issue. The attacker may leverage this issue to execute arbitrary scrip...
Horde 3.1 'Passwd' Module Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35573/info The Horde 'Passwd' module is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
PHPOpenChat 3.0.1 - Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12841/info PHPOpenChat is reportedly affected by multiple remote HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically...
Exponent CMS 0.96.5/ 0.96.6 magpie_slashbox.php rss_url Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/23574/info Exponent CMS is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
News Module for Envolution modules.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15857/info Envolution is prone to multiple input validation vulnerabilities. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft ...
VideoGirls forum.php t Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/36168/info VideoGirls is prone to multiple cross site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context...
phpldapadmin 0.9.8 copy_form.php dn Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute...
Synthetic Reality SymPoll 1.5 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8956/info It has been reported that Sympoll is prone to a cross-site scripting vulnerability. The issue is reported to exist due insufficient sanitization of user-supplied data through the 'vo' parameter. The problem may...
Feng Office 1.7.3.3 CSRF Vulnerability
No description provided by source. Vulnerability ID: HTB22910 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinfengoffice.html Product: Feng Office Vendor: Secure Data SRL http://www.fengoffice.com/ Vulnerable Version: 1.7.3.3 and probably prior versions Vendor Notification: 17 March 2011...
APC PowerChute Network Shutdown HTTP Response Splitting and Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/33924/info APC PowerChute Network Shutdown is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage...
Blog:CMS 4.1.3 List.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21173/info BLOG:CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...
Packeteer PacketShaper and PolicyCenter 8.2.2 - 'FILELIST' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27982/info Packeteer PacketShaper and PolicyCenter are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute...
JetPhoto 1.0/2.0/2.1 thumbnail.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17449/info JetPhoto is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
H-Sphere 2.5.1 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18677/info H-Sphere is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
FMDeluxe 2.1 Index.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26587/info FMDeluxe is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script code in a...
Simpnews 2.x admin/index.php Unspecified XSS
No description provided by source. source: http://www.securityfocus.com/bid/20714/info SimpNews is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute...
GL-SH Deaf Forum 6.5.5 Cross-Site Scripting Vulnerability and Arbitrary File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29849/info GL-SH Deaf Forum is prone to a cross-site scripting vulnerability and an arbitrary-file-upload vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage the cross-site...