IBM Lotus Quickr QuickPlace Server 8.0 - Calendar 'Count' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27925/info IBM Lotus Quickr is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

phpBB 2.0.21 Privmsg.PHP HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22001/info phpBB is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...

VWar 1.x war.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/19327/info Vwar is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. These issues occur because the application fails to properly sanitize user-supplied input. A...

Dokeos <= 1.8.4 main/admin/course_category.php category Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can...

Coppermine Photo Gallery 1.x menu.inc.php CPG_URL Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the application fails to properly...

PHP Multi User Randomizer 2006.09.13 Configure_Plugin.TPL.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23917/info PHP Multi User Randomizer is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

Pixel Motion Blog - 'list_article.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28920/info Pixel Motion Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser ...

Oracle HTTP Server 8.1.7/9.0.1/9.2 isqlplus Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9484/info Oracle HTTP Server is reportedly prone to a cross-site scripting issue. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code. If this link...

xt:Commerce 3.04 XTCsid Parameter Session Fixation

No description provided by source. source: http://www.securityfocus.com/bid/31313/info xt:Commerce is prone to multiple vulnerabilities, including a session-fixation vulnerability and a cross-site scripting vulnerability. An attacker can leverage the session-fixation issue to hijack a session of ...

PHPMyAdmin 2.8.1 Set_Theme Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17142/info phpMyAdmin is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

Verisign MPKI 6.0 Haydn.EXE Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17170/info MPKI 6.0 is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to spoof the results of...

VP-ASP Shopping Cart 6.50 ShopContent.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24033/info VP-ASP Shopping Cart is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

JSPWiki <= 2.5.139 Diff.jsp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/25803/info JSPWiki is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting issues and an HTML-injection issue, because the application fails to adequately sanitize user-supplied inpu...

Grayscale BandSite CMS 1.1 merch_content.php the_band Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...

Nihuo Web Log Analyzer 1.6 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10988/info An HTML injection vulnerability is reported in Nihuo Web Log Analyzer. The problem occurs due to a lack of proper sanitization of user-supplied input data. Attackers may potentially exploit this issue to...

Technology for Solutions 1.0 'id' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37811/info Technology for Solutions is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

TimberWolf 1.2.2 ShowNews.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21733/info TimberWolf is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in t...

V-webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16706/info V-webmail is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script...

Log1CMS 2.0 (ajax_create_folder.php) Remote Code Execution

No description provided by source. ?php / +-----------------------------------------------------------+ + Log1CMS 2.0ajaxcreatefolder.php Remote Code Execution + +-----------------------------------------------------------+ Web-App : Log1CMS 2.0 Vendor : http://log1cms.sourceforge.net/...

PHP Grade Book 1.9.4 Unauthenticated SQL Database Export

No description provided by source. 'PHP Grade Book' Unauthenticated SQL Database Export CVE-2012-1670 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in admin/index.php that allows for an unauthenticated user to export the...