280 matches found
Bitweaver 1.11.2 - Title HTML Injection
Bitweaver 1.11.2 - Title HTML Injection source: https://www.securityfocus.com/bid/16973/info The bitweaver application is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HT...
Easy Forum 2.5 - New User Image File HTML Injection
Easy Forum 2.5 - New User Image File HTML Injection source: https://www.securityfocus.com/bid/16958/info Easy Forum is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated...
Easy Forum 2.5 - New User Image File HTML Injection
source: https://www.securityfocus.com/bid/16958/info Easy Forum is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
vBulletin 3.0/3.5 - 'profile.php?Email' HTML Injection
source: https://www.securityfocus.com/bid/16919/info vBulletin is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
vBulletin 3.03.5 - profile.php?Email HTML Injection
vBulletin 3.03.5 - profile.php?Email HTML Injection source: https://www.securityfocus.com/bid/16919/info vBulletin is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated...
PHPX 3.5.9 - XCode Tag HTML Injection
source: https://www.securityfocus.com/bid/16799/info PHPX is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of the...
PHPX 3.5.9 - XCode Tag HTML Injection
PHPX 3.5.9 - XCode Tag HTML Injection source: https://www.securityfocus.com/bid/16799/info PHPX is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code woul...
CuteNews 1.4.1 - show_news.php Cross-Site Scripting
CuteNews 1.4.1 - shownews.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16740/info CuteNews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generate...
CuteNews 1.4.1 - 'show_news.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16740/info CuteNews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. An attacker may leverage this issue...
E107 Website System 0.7.2 Chatbox Plugin - HTML Injection
E107 Website System 0.7.2 Chatbox Plugin - HTML Injection source: https://www.securityfocus.com/bid/16719/info The e107 content management system CMS Chatbox Plugin is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied...
Siteframe Beaumont 5.0.15.0.2 - page.php HTML Injection
Siteframe Beaumont 5.0.15.0.2 - page.php HTML Injection source: https://www.securityfocus.com/bid/16695/info Siteframe Beaumont is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content...
My Blog 1.63 - BBCode HTML Injection
source: https://www.securityfocus.com/bid/16659/info My Blog is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
HTML::BBCode 1.031.04 - HTML Injection
HTML::BBCode 1.031.04 - HTML Injection source: https://www.securityfocus.com/bid/16680/info HTML::BBCode is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
HTML::BBCode 1.03/1.04 - HTML Injection
source: https://www.securityfocus.com/bid/16680/info HTML::BBCode is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would ...
My Blog 1.63 - BBCode HTML Injection
My Blog 1.63 - BBCode HTML Injection source: https://www.securityfocus.com/bid/16659/info My Blog is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
Gastebuch 1.3.2 - Cross-Site Scripting
Gastebuch 1.3.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/16615/info Gastebuch is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML...
Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/16607/info Clever Copy is prone to multiple HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
My Little Homepage Products - BBCode Link Tag Script Injection
My Little Homepage Products - BBCode Link Tag Script Injection source: https://www.securityfocus.com/bid/16395/info My Little Homepage Web log, guestbook, and forum are prone to a script injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied...
My Little Homepage Products - BBCode Link Tag Script Injection
source: https://www.securityfocus.com/bid/16395/info My Little Homepage Web log, guestbook, and forum are prone to a script injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
AZ Bulletin Board 1.0.x1.1 - post.php HTML Injection
AZ Bulletin Board 1.0.x1.1 - post.php HTML Injection source: https://www.securityfocus.com/bid/16351/info AZbb is prone to HTML-injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-suppli...