Blog Manager inc_webblogmanager.asp ItemID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues coul...

EsContacts 1.0 - importer.php msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script code in the browse...

Yogurt Social Network 3.2 rc1 Module for XOOPS tribes.php uid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30618/info Yogurt Social Network is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

Zikula Application Framework 1.2.2 index.php func Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/39717/info Zikula Application Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code i...

DevWorx BlogWorx 1.0 'forum.asp' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37695/info DevWorx BlogWorx is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...

Turnkey eBook Store 1.1 'keywords' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34324/info Turnkey eBook Store is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

Joomla! 3D Cloud 'tagcloud.swf' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37958/info The 3D Cloud component for Joomla! is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

OpenDocMan 1.2.5 category.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

Mojo Mail 2.7 Email Form Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6040/info Mojo Mail does not filter HTML tags from URI parameters, making it prone to cross-site scripting attacks. As a result, it is possible for a remote attacker to create a malicious link containing script code which...

Drupal 4.x URL-Encoded Input HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16117/info Drupal is prone to an HTML injection vulnerability when handling URL-encoded HTML and script code in message content. This issue is due to a failure in the application to properly sanitize user-supplied input...

CuteNews 1.4.5 show_news.php Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

Grayscale BandSite CMS 1.1 help_mp3.php max_file_size_purdy Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...

Coppermine Photo Gallery 1.4.x mode.php referer Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/25698/info Coppermine Photo Gallery is prone to a cross-site scripting issue and a local file-include issue. Attackers can exploit these issues to steal cookie-based authentication credentials, execute arbitrary code, and...

OpenDocMan 1.2.5 department.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

ProjectBB 0.4.5 .1 - Multiple Remote Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12709/info ProjectBB is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. As a result of these...

FlashCard 2.6.5 'id' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39648/info FlashCard is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

CuteNews 1.4.1 search.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17850/info CuteNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An attacker may leverage these issues to have...

VBulletin 3.0 ShowThread.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9889/info It has been reported that VBulletin is prone to a cross-site scripting vulnerability in the 'showthread.php' script. This issue is reportedly due to a failure to sanitize user input and so allow for injection of...

EZ Publish 2.2.7/3.0 - Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/7348/info Several cross site scripting vulnerabilities have been reported for eZ Publish. These vulnerabilities are due to insufficient sanitization of user-supplied data submitted to eZ Publish. Exploitation may allow...

Eudora WorldMail 2.0 Search Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8403/info It has been reported that a cross-site scripting issue exists in the search utility of the software. It is possible that an attacker may create a malicious link containing script code that could be executed in a...