blogBuddies 0.3 magpie_debug.php url Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15555/info blogBuddies is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...

FireStats WordPress Plugin 1.0.2 Multiple Cross Site Scripting and Authentication Bypass Vulnerabilities (1)

No description provided by source. source: http://www.securityfocus.com/bid/37099/info The FireStats plugin for WordPress is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An attacker may leverage these issues to gain unauthorized access to the...

Speedywiki 2.0/2.1 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20976/info Speedywiki is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include an arbitrary file-upload vulnerability and a...

WebCalendar 0.9.x colors.php color XSS

No description provided by source. source: http://www.securityfocus.com/bid/8539/info It has been reported that WebCalendar is prone to multiple cross-site scripting vulnerabilites in various modules. The issues exist in includes/js/colors.php, week.php, day.php, month.php, weekdetails.php,...

Dokeos <= 1.8.4 main/create_course/add_course.php tutor_name Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can...

RunCMS 1.x Bigshow.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16970/info RunCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. An...

RedKernel Referrer Tracker 1.1 .0-3 Rkrt_stats.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16266/info Referrer Tracker is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...

CartWIZ 1.10 Login.ASP Message Argument Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13341/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

Programs Rating postcomments.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/35746/info Programs Rating Script is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script...

MarmaraWeb E-commerce index.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15875/info E-commerce is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

TML 0.5 index.php form Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15876/info TML CMS is prone to multiple input validation vulnerabilities. Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of...

CartWIZ 1.10 SearchResults.ASP SKU Argument Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13342/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

Yapig 0.9x Thanks_comment.PHP Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19709/info Yapig is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. This may let an attacker steal cookie-based authentication credentials and launch other attacks...

VBulletin 2.0.x/2.2.x members2.php Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6246/info Due to insufficient sanitization of user supplied values, it is possible to exploit a vulnerability in VBulletin. By passing an invalid value to a variable located in 'members2.php', it is possible to generate a...

PHPBB 2.0.x Profile.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13344/info phpBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

Stringbeans Portal 3.2 Projects Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26082/info Stringbeans Portal is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code i...

IceWarp Web Mail 5.5.1 calendar_m.html createdataCX Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14980/info IceWarp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Game-Panel 2.6 Login.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16979/info Game-Panel is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content...

InnovaPortal msg.jsp msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/26084/info InnovaShop is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script cod...

AnnonceScriptHP 2.0 Templates/admin.dwt.php email Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21514/info AnnonceScriptHP is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...