Uapplication Ublog Reload 1.0.5 Trackback.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13994/info Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

Dvbbs 7.1/8.2 boardhelp.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14498/info DVBBS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary code in the...

SAP Web Application Server 7.0 - '/sap/bc/gui/sap/its/webgui/' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29317/info SAP Web Application Server is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

phpFreeChat 1.1 'demo21_with_hardocded_urls.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30292/info phpFreeChat is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

AzDGDatingMedium 1.9.3 'l' Parameter Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37514/info Azerbaijan Development AzDGDatingMedium is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issue...

ArbitroWeb PHP Proxy 0.5/0.6 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10592/info It is reported that ArbitroWeb is susceptible to a cross-site scripting vulnerability in its rawURL URI parameter. The URI parameter passed to 'index.php' called 'rawURL' contains the desired target for the pro...

Feng Office 1.7.3.3 CSRF Vulnerability

No description provided by source. Vulnerability ID: HTB22910 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinfengoffice.html Product: Feng Office Vendor: Secure Data SRL http://www.fengoffice.com/ Vulnerable Version: 1.7.3.3 and probably prior versions Vendor Notification: 17 March 2011...

Conkurent PHPMyCart 1.3 Cross Site Scripting and Authentication Bypass Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37553/info Conkurent PHPMyCart is prone to a cross-site scripting vulnerability and an authentication-bypass vulnerability. An attacker may leverage these issues to gain unauthorized access to the affected application and...

Citrix MetaFrame Web Manager - 'login.asp' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27948/info Citrix MetaFrame Web Manager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in t...

EasyDynamicPages 3.0 Multiple SQL Injection and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30305/info EasyDynamicPages is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data. Exploitin...

Chipmunk Forum newtopic.php forumID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15149/info Chipmunk products are prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage these issue...

MGinternet Property Site Manager listings.asp Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21073/info MGinternet Property Site Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An...

EasyPublish 3.0 'read' Parameter Multiple SQL Injection and Cross-Site Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30307/info EasyPublish is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection and cross-site scripting vulnerabilities...

BosClassifieds 1.20 'recent.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37555/info BosClassifieds is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...

phpSQLiteCMS 1 RC2 - cms/includes/header.inc.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29338/info phpSQLiteCMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

IBM BladeCenter Advanced Management Module 1.42 CSRF

No description provided by source. source: http://www.securityfocus.com/bid/34447/info IBM BladeCenter Advanced Management Module is prone to the following remote vulnerabilities: - An HTML-injection vulnerability - A cross-site scripting vulnerability - An information-disclosure vulnerability -...

VBulletin <= 3.7.1 - admincp/faq.php Injection adminlog.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/30134/info vBulletin is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...

Opera Web Browser 9.62 History Search Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32015/info Opera Web Browser is prone to an input-validation vulnerability because of the way it stores data used for the History Search feature. Attacker-supplied HTML and script code would run in the context of the...

SmartMedia Module 0.85 Beta for XOOPS 'categoryid' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37156/info The SmartMedia module for XOOPS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script cod...

PHProg 1.0 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19942/info PHProg is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These issues include a cross-site scripting vulnerability and a local file-include...