280 matches found
wsCMS - 'news.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/40447/info wsCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the brows...
BackLinkSpider 1.3.1774 - Multiple Cross-Site Scripting Vulnerabilities
BackLinkSpider 1.3.1774 Multiple Cross Site Scripting Vulnerabilities. Webapps exploit for php platform source: http://www.securityfocus.com/bid/40400/info BackLinkSpider is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before usi...
SoftDirec 1.05 - delete_confirm.php Cross-Site Scripting
SoftDirec 1.05 - deleteconfirm.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40269/info SoftDirec is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may...
SoftDirec 1.05 - 'delete_confirm.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/40269/info SoftDirec is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...
FreePBX 2.5.2 - Zap Channel Addition Description Parameter Cross-Site Scripting
FreePBX 2.5.2 - Zap Channel Addition Description Parameter Cross-Site Scripting source: https://www.securityfocus.com/bid/37482/info FreePBX is prone to a cross-site scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input befor...
Cacti 0.8.x - 'graph.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/37109/info Cacti is prone to multiple cross-site-scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in t...
PacketVideo Twonky Server 4.4.175.0.65 - Cross-Site Scripting HTML Injection
PacketVideo Twonky Server 4.4.175.0.65 - Cross-Site Scripting HTML Injection source: https://www.securityfocus.com/bid/41929/info Twonky Server is prone to a cross-site scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input...
PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection
source: https://www.securityfocus.com/bid/41929/info Twonky Server is prone to a cross-site scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...
Planet 2.0 - HTML Injection
source: https://www.securityfocus.com/bid/36392/info Planet is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of the...
Adobe ColdFusion Server 8.0.1 - administratorenter.cfm Query String Cross-Site Scripting
Adobe ColdFusion Server 8.0.1 - administratorenter.cfm Query String Cross-Site Scripting source: https://www.securityfocus.com/bid/36046/info Adobe ColdFusion is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamical...
Adobe ColdFusion Server 8.0.1 - wizardscommon_logintowizard.cfm Query String Cross-Site Scripting
Adobe ColdFusion Server 8.0.1 - wizardscommonlogintowizard.cfm Query String Cross-Site Scripting source: https://www.securityfocus.com/bid/36046/info Adobe ColdFusion is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in...
Adobe ColdFusion Server 8.0.1 - administratorlogviewersearchlog.cfm?startRow Cross-Site Scripting
Adobe ColdFusion Server 8.0.1 - administratorlogviewersearchlog.cfm?startRow Cross-Site Scripting source: https://www.securityfocus.com/bid/36046/info Adobe ColdFusion is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in...
Adobe ColdFusion Server 8.0.1 - '/wizards/common/_authenticatewizarduser.cfm' Query String Cross-Site Scripting
source: https://www.securityfocus.com/bid/36046/info Adobe ColdFusion is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of...
Multi Website 1.5 - 'search' HTML Injection
source: https://www.securityfocus.com/bid/43245/info Multi Website is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run i...
Recipe Script 5.0 - 'First Name' HTML Injection
source: https://www.securityfocus.com/bid/43888/info Recipe Script is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run i...
Recipe Script 5.0 - First Name HTML Injection
Recipe Script 5.0 - First Name HTML Injection source: https://www.securityfocus.com/bid/43888/info Recipe Script is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...
Simple Machines Forum (SMF) 1.1.7 - [url] Tag HTML Injection
Simple Machines Forum SMF 1.1.7 - url Tag HTML Injection source: https://www.securityfocus.com/bid/33595/info Simple Machines Forum is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content...
Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection
source: https://www.securityfocus.com/bid/33595/info Simple Machines Forum is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the...
MagpieRSS 0.72 - CDATA HTML Injection
MagpieRSS 0.72 - CDATA HTML Injection source: https://www.securityfocus.com/bid/33044/info MagpieRSS is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and scri...
PECL Alternative PHP Cache Local 3 - HTML Injection
source: https://www.securityfocus.com/bid/32934/info PECL Alternative PHP Cache is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in...