4048 matches found
PHP-Fusion 4.0/5.0/6.0 BBCode URL Tag Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14688/info PHP-Fusion is prone to a script injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
Cezanne 6.5.1/7 - CFLookUP.asp Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28772/info Cezanne Software is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Authenticated attackers may leverage these issues to execute arbitrary scrip...
Oliver Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/24754/info Oliver is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...
Nullsoft Shoutcast 1.9.7 Logfile HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22742/info Nullsoft SHOUTcast is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...
RWAuction Pro 4.0 Search.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15740/info The 'rwAuction Pro' application is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue ...
Built2go News Manager 1.0 Blog news.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22783/info Built2Go News Manager Blog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...
cPanel 5/6/7/8/9 dir Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9853/info It has been reported that cPanel may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to...
V3 Chat Instant Messenger - mail/index.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...
Dragonfly CMS 9.0.6 .1 Web_Links Module Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16784/info Dragonfly is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...
Moodle 1.1/1.2 Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10251/info It has been reported that Moodle is susceptible to a cross-site scripting vulnerability in the 'help.php' script. This issue is due to a failure of the application to properly sanitize user-supplied input prior...
MyNews 1.6.x 'hash' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27652/info MyNews is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
MKPortal 1.2.1 /modules/blog/index.php Home Template Textarea SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/33300/info MKPortal is prone to multiple security vulnerabilities, including SQL-injection, HTML-injection, cross-site scripting, arbitrary-file-upload, and insecure-temporary-file-creation vulnerabilities. Attackers can...
V3 Chat Instant Messenger - mail/reply.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...
phpMyChat 0.14.5 chat/deluser.php3 LIMIT Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/26698/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...
Php-Stats 0.1.9.1 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/28824/info Php-Stats is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browser...
Cacti <= 0.8.7 'data_input.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34991/info Cacti is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22796/info Woltlab Burning Board is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and...
Dragonfly CMS 9.0.6 .1 Surveys Module Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16784/info Dragonfly is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...
YaBB 1.40/1.41 Login Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6004/info A cross-site scripting vulnerability has been reported in the YaBB Yet Another Bulletin Board forum login script. HTML tags or script code are not sanitized from the error output of erroneous login attempts. As ...
singapore 0.9.x/0.10 Multiple Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/18518/info singapore gallery is prone to directory-traversal and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit...