Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2021-59740)

A cross-site scripting vulnerability exists in Scheduler in Cybozu Garoon, a portal-based OA office system from Cybozu Japan. An attacker can use this vulnerability to execute arbitrary scripts on a logged-in user's Web browser...

CVE-2016-1155

HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies...

CVE-2016-1155

HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies...

XAMPP 1.6.x 'showcode.php' Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37999/info XAMPP is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker can exploit this vulnerability to obtain potentially sensitive information an...

Open Realty 'select_users_template' Parameter Local File Include Vulnerability

Open Realty is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may allo...

Joomla! Component com_xcomp - Local File Inclusion

source: https://www.securityfocus.com/bid/52078/info The Xcomp component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitra...

Joomla Component 'com_img' Local File Include Vulnerability

The 'comimg' component for Joomla! is prone to a local file- include vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver...

Saskias ShopSystem - id Local File Inclusion

Saskias ShopSystem - id Local File Inclusion source: https://www.securityfocus.com/bid/38574/info Saskia's Shopsystem is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitiv...

SquirrelMail: Several XSS vulnerabilities

Background SquirrelMail is a webmail package written in PHP. It supports IMAP and SMTP protocols. Description SquirrelMail is vulnerable to several cross-site scripting issues, most reported by Martijn Brinkers. Impact By enticing a user to read a specially-crafted e-mail or using a manipulated...

CVE-2002-1007

Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via 1 the courseid parameter in a link to login.pl, 2 the CTID parameter in ProcessInfo.cgi, or 3 the Message parameter in index.cgi...