247 matches found
CodetoSell ViArt Shop Enterprise 2.1.6 basket.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13462/info ViArt Shop is affected by multiple cross-site scripting and HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in...
CodetoSell ViArt Shop Enterprise 2.1.6 products.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13462/info ViArt Shop is affected by multiple cross-site scripting and HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in...
Adobe ColdFusion Server <= 8.0.1 wizards/common/_authenticatewizarduser.cfm Query String XSS
No description provided by source. source: http://www.securityfocus.com/bid/36046/info Adobe ColdFusion is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
VBulletin <= 3.7.1 - admincp/faq.php Injection adminlog.php XSS
No description provided by source. source: http://www.securityfocus.com/bid/30134/info vBulletin is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16002/info Beehive Forum is prone to multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
Blue Coat Reporter 7.0/7.1 License HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13725/info Blue Coat Reporter is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
MonoChat 1.0 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17983/info MonoChat is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script co...
PHPX 3.5.9 XCode Tag HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16799/info PHPX is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
Adobe ColdFusion Server <= 8.0.1 administrator/logviewer/searchlog.cfm startRow Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/36046/info Adobe ColdFusion is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
PABox 2.0 Post Icon HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12796/info paBox is reportedly affected by a HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. The...
Bit 5 Blog 8.1 AddComment.PHP HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16246/info Bit 5 Blog is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
phpstats 0.1_alpha - 'phpstats.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28291/info The 'phpstats' program is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this...
OTRS Help Desk Multiple Vulnerabilities
OTRS Help Desk is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if description...
WordPress Plugin Terillion Reviews - Profile Id HTML Injection
source: https://www.securityfocus.com/bid/58415/info The Terillion Reviews plugin for WordPress is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied...
Astaro Security Gateway 8.1 - HTML Injection
source: https://www.securityfocus.com/bid/51301/info Astaro Security Gateway is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of t...
SimpleInvoices invoices Module - Customer Field Cross-Site Scripting
source: https://www.securityfocus.com/bid/56882/info Simple Invoices is prone to multiple HTML-injection vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will...
AxisInternet VoIP Manager - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/55589/info AxisInternet VoIP Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute...
WordPress Plugin NewsLetter Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/53523/info Newsletter Manager plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues ...
GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS
GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS. CVE-2012-6621. Webapps exploit for php platform source: http://www.securityfocus.com/bid/53501/info GetSimple CMS is prone to HTML-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplie...
Chevereto 1.91 - Uploadengine.php?v Cross-Site Scripting
Chevereto 1.91 - Uploadengine.php?v Cross-Site Scripting source: https://www.securityfocus.com/bid/53448/info Chevereto Image Upload Script is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to properly sanitize user-supplied input before...