280 matches found
CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16376/info CheesyBlog is prone to multiple HTML injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied...
sBlog 0.7.2 comments_do.php Multiple Variable POST Method XSS
No description provided by source. source: http://www.securityfocus.com/bid/17044/info sBlog is prone to HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
Elite Forum 1.0 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15257/info Elite Forum is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
Webfroot Shoutbox 2.32 Viewshoutbox.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9289/info Webfroot Shoutbox is prone to a cross-site scripting vulnerability in the 'viewshoutbox.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via UR...
Bitweaver 1.1/1.2 Title Field HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16973/info The bitweaver application is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...
PABox 2.0 Post Icon HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12796/info paBox is reportedly affected by a HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. The...
ETicket 1.5.5 Open.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/24681/info eTicket is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverag...
IT!CMS 0.2 lang-en.php wndtitle Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues...
BlaBla 4U Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19513/info Multiple cross-site scripting vulnerabilities affect BlaBla 4U because the application fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may...
Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9768/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to insufficient sanitization of input supplied via the 'c', 'f', , 'showuser', and 'username' URI parameters...
phpstats 0.1_alpha - 'phpstats.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28291/info The 'phpstats' program is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this...
PHPGuestbook 0.0.2/1.0 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17537/info phpGuestbook is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and scrip...
NextAge Shopping Cart Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17685/info NextAge Shopping Cart is prone to multiple HTML-injection vulnerabilities; the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML...
ExpressionEngine 1.6 Avtaar Name HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34193/info ExpressionEngine is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...
Bit 5 Blog 8.1 AddComment.PHP HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16246/info Bit 5 Blog is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
MyBB 1.0.1/1.0.2 Notepad UserCP.PHP HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16361/info MyBB is prone to an HTML-injection vulnerability. This issue is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script co...
VBulletin <= 3.7.1 - admincp/faq.php Injection adminlog.php XSS
No description provided by source. source: http://www.securityfocus.com/bid/30134/info vBulletin is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
Nullsoft Shoutcast 1.9.7 Logfile HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22742/info Nullsoft SHOUTcast is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...
CodetoSell ViArt Shop Enterprise 2.1.6 products.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13462/info ViArt Shop is affected by multiple cross-site scripting and HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in...
Oracle Application Server 9i Webcache Cache_dump_file Cross-Site Scripting Vulnerability
No description provided by source. source : http://www.securityfocus.com/bid/13421/info A remote cross-site scripting vulnerability affects the Oracle Application Server 9i Webcache administration console. This issue is due to a failure of the application to properly sanitize user-supplied input...