MySQL 5 - Command Line Client HTML Special Characters HTML Injection

source: https://www.securityfocus.com/bid/31486/info MySQL is prone to an HTML-injection vulnerability because the application's command-line client fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in...

vBulletin 3.7.1 - admincpfaq.php?Injection adminlog.php Cross-Site Scripting

vBulletin 3.7.1 - admincpfaq.php?Injection adminlog.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30134/info vBulletin is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated...

ScrewTurn Software ScrewTurn Wiki 2.0.x - System Log Page HTML Injection

ScrewTurn Software ScrewTurn Wiki 2.0.x - System Log Page HTML Injection source: https://www.securityfocus.com/bid/30429/info ScrewTurn Wiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated...

phpStats 0.1_alpha - phpStats.php Cross-Site Scripting

phpStats 0.1alpha - phpStats.php Cross-Site Scripting source: https://www.securityfocus.com/bid/28291/info The 'phpstats' program is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacke...

phpStats 0.1_alpha - 'phpStats.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28291/info The 'phpstats' program is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script...

Cfnetgs 0.24 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28267/info Cfnetgs is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

SNewsCMS 2.x - search.php Cross-Site Scripting

SNewsCMS 2.x - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/28262/info SNewsCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this...

Sophos Email Appliance 2.1 - Web Interface Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27813/info Sophos Email Appliance is prone to multiple cross-site scripting vulnerabilities that affect its web interface because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage...

WebCalendar 1.1.6 - pref.php Cross-Site Scripting

WebCalendar 1.1.6 - pref.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27461/info WebCalendar is prone to multiple HTML-injection and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically...

Apache 2.2.6 mod_negotiation - HTML Injection / HTTP Response Splitting

source: https://www.securityfocus.com/bid/27409/info Apache 'modnegotiation' is prone to an HTML-injection and an HTTP response-splitting vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML o...

GWExtranet 3.0 - 'Scp.dll' Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/26582/info GWExtranet is prone to multiple HTML-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. Attacker-supplied HTML and script code could execut...

GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities

GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/26582/info GWExtranet is prone to multiple HTML-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input data before using it in dynamically...

MySpace Scripts Poll Creator - index.php HTML Injection

MySpace Scripts Poll Creator - index.php HTML Injection source: https://www.securityfocus.com/bid/26544/info MySpace Scripts Poll Creator is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated...

Hackish 1.1 - 'Blocco.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26167/info Hackish is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

Hackish 1.1 - Blocco.php Cross-Site Scripting

Hackish 1.1 - Blocco.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26167/info Hackish is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this iss...

SNewsCMS 2.1 - 'News_page.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25963/info SNewsCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

IT!CMS 0.2 - 'titletext-ed.php?wndtitle' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code ...

IT!CMS 0.2 - menu-ed.php?wndtitle Cross-Site Scripting

IT!CMS 0.2 - menu-ed.php?wndtitle Cross-Site Scripting source: https://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may...

IT!CMS 0.2 - lang-en.php?wndtitle Cross-Site Scripting

IT!CMS 0.2 - lang-en.php?wndtitle Cross-Site Scripting source: https://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may...

IT!CMS 0.2 - 'menu-ed.php?wndtitle' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code ...