1002 matches found
PHP-Fusion 7.2.4 - 'downloads.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51365/info PHP-Fusion is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...
Yaws-Wiki 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/51276/info Yaws is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML...
SQLiteManager 1.2.4 - index.php Multiple Cross-Site Scripting Vulnerabilities
SQLiteManager 1.2.4 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51294/info SQLiteManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically...
SQLiteManager 1.2.4 - main.php?dbsel Cross-Site Scripting
SQLiteManager 1.2.4 - main.php?dbsel Cross-Site Scripting source: https://www.securityfocus.com/bid/51294/info SQLiteManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An...
SQLiteManager 1.2.4 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/51294/info SQLiteManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary scrip...
Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities
Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51045/info Fork CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An...
Fork CMS 3.1.5 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/51045/info Fork CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script cod...
Pulse Pro 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities
Pulse Pro 1.7.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51056/info Pulse Pro is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An...
Elxis CMS 2009 - 'index.php?task' Cross-Site Scripting
source: https://www.securityfocus.com/bid/50910/info Elxis CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script co...
Elxis CMS 2009 - 'administrator/index.php' URI Cross-Site Scripting
source: https://www.securityfocus.com/bid/50910/info Elxis CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script co...
Elxis CMS 2009 - index.php?task Cross-Site Scripting
Elxis CMS 2009 - index.php?task Cross-Site Scripting source: https://www.securityfocus.com/bid/50910/info Elxis CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may...
Fedora 15 : puppet-2.6.12-1.fc15 (2011-14994)
A bug in puppet's SSL certificate handling could allow nodes with a valid certificate to impersonate the puppet master. To be vulnerable, a user would have had to set the certdnsnames variable and generated certificates. This setting is not set by default in the Fedora/EPEL packages. This update...
Fedora 16 : puppet-2.6.12-1.fc16 (2011-14880)
A bug in puppet's SSL certificate handling could allow nodes with a valid certificate to impersonate the puppet master. To be vulnerable, a user would have had to set the certdnsnames variable and generated certificates. This setting is not set by default in the Fedora/EPEL packages. This update...
Search Plugin for Hotaru CMS 1.4.2 - admin_index.php?site_name Cross-Site Scripting
Search Plugin for Hotaru CMS 1.4.2 - adminindex.php?sitename Cross-Site Scripting source: https://www.securityfocus.com/bid/50657/info Hotaru CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically...
Infoblox NetMRI 6.2.1 - Admin Login Page Multiple Cross-Site Scripting Vulnerabilities
Infoblox NetMRI 6.2.1 - Admin Login Page Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/50646/info Infoblox NetMRI is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in...
Domain Shop - index.php Cross-Site Scripting
Domain Shop - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/50454/info Domain Shop is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this...
Domain Shop - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/50454/info Domain Shop is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...
Oracle DataDirect Buffer Overflow
g 208.152c: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This exception may be expected and handled...
Ubuntu: Security Advisory (USN-1230-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
shopex password retrieve at the newly generated password may predict vulnerability-vulnerability warning-the black bar safety net
Brief description: shopex in the password place, there are some logic design problems, the cause can be predicted the newly-generated password may be used to attack acquiring others passwords Detailed description: The relevant code /core/shop/controller/ctl. passport. php: function sendPSW...