AutoIndex PHP Script 2.2.2 PHP_SELF Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26411/info AutoIndex PHP Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in...

My Databook diary.php delete Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/24311/info My DataBook is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication...

Invision Power Services Invision Board 2.0.4 Help Action HID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17144/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issu...

Calendar Express Search.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22578/info Calendar Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Packeteer PacketShaper and PolicyCenter 8.2.2 - 'FILELIST' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27982/info Packeteer PacketShaper and PolicyCenter are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute...

Paranews 3.4 Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/31152/info Paranews is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

Diferior 8.03 Multiple XSS Vulnerabilities

No description provided by source. Vulnerability ID: HTB22721 Reference: http://www.htbridge.ch/advisory/storedxsscrosssitescriptingvulnerabilityindiferior.html Product: Diferior Vendor: Povilas Musteikis http://www.diferior.com/ Vulnerable Version: 8.03 and probably prior versions Vendor...

Blog Torrent 0.80 BTDownload.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11839/info It is reported that Blog Torrent is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a...

FishCart 3.1 display.php nlst Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13499/info FishCart is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit of the SQL-injection issues coul...

Orkut Clone profile_social.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/32600/info Orkut Clone is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...

i-Gallery 3.4 igallery.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21122/info The i-gallery application is prone to multiple-input validation vulnerabilities, including multiple cross-site scripting vulnerabilities and an HTML-injection issue, because the software fails to sufficiently...

WMSCMS 2.0 - Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24365/info WmsCMS is prone to multiple cross-site scripting vulnerabilities because it fails to adequately sanitize user-supplied input data before rendering it in a user's browser. Attackers could exploit these issues to...

diafan.cms 4.3 - Multiple Vulnerabilities

No description provided by source. Vulnerability ID: HTB22777 Reference: http://www.htbridge.ch/advisory/xsrfcsrfindiafancms.html Product: diafan.CMS Vendor: Diafan http://www.diafan.ru/ Vulnerable Version: 4.3 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type:...

MercuryBoard 1.1.5 'index.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37605/info MercuryBoard is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

yappa-ng index.php album Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/32623/info The 'yappa-ng' program is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script...

IBM Lotus Domino 6.x/7.0 iNotes Email Subject XSS

No description provided by source. source: http://www.securityfocus.com/bid/16577/info IBM Lotus Domino iNotes is prone to multiple HTML- and script-injection vulnerabilities. These vulnerabilities can allow attackers to carry out a variety of attacks, including theft of cookie-based authenticati...

Claroline 1.8 learnPath/calendar/myagenda.php Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/30346/info Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

Plume CMS 1.2.2 - 'manager/xmedia.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27999/info Plume CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser...

yappa-ng Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/32623/info The 'yappa-ng' program is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script...

Phorum 5.2 admin/banlist.php curr Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...