1002 matches found
Micro CMS 1.0 - 'name' HTML Injection (1)
source: https://www.securityfocus.com/bid/43556/info Micro CMS is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in th...
CollabNet Subversion Edge Log Parser - HTML Injection
CollabNet Subversion Edge Log Parser - HTML Injection source: https://www.securityfocus.com/bid/43378/info CollabNet Subversion Edge is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content...
AContent 1.0 - Cross-Site Scripting HTML Injection
AContent 1.0 - Cross-Site Scripting HTML Injection source: https://www.securityfocus.com/bid/43238/info AContent is prone to multiple cross-site scripting vulnerabilities and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically...
Rumba XML 2.4 - index.php Multiple HTML Injection Vulnerabilities
Rumba XML 2.4 - index.php Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/42914/info Rumba XML is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated...
ArtGK CMS - Cross-Site Scripting / HTML Injection
source: https://www.securityfocus.com/bid/42923/info ArtGK CMS is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...
Rumba XML 2.4 - 'index.php' Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/42914/info Rumba XML is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and...
Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/42908/info Amiro.CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to r...
ArtGK CMS - Cross-Site Scripting HTML Injection
ArtGK CMS - Cross-Site Scripting HTML Injection source: https://www.securityfocus.com/bid/42923/info ArtGK CMS is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated...
WebsiteKit Gbplus - Name Body HTML Injection
WebsiteKit Gbplus - Name Body HTML Injection source: https://www.securityfocus.com/bid/42842/info Gbplus is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...
Valarsoft WebMatic 3.0.5 - Multiple HTML Injection Vulnerabilities
Valarsoft WebMatic 3.0.5 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/42767/info Valarsoft WebMatic is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically...
Apple Webkit Rendering Counter Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's...
Hulihan Applications Amethyst 0.1.5 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/42253/info Hulihan Applications Amethyst is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...
DiamondList - usermainupdate_category?category[description] Cross-Site Scripting
DiamondList - usermainupdatecategory?categorydescription Cross-Site Scripting source: https://www.securityfocus.com/bid/42252/info DiamondList is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before usin...
DiamondList - '/user/main/update_category?category[description]' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42252/info DiamondList is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...
SA-CONTRIB-2010-076 - Dashboard - Cross Site Scripting (CSS)
The dashboard module allows users to create a personalized set of pages of widgets created from existing blocks and nodes like iGoogle. The module does not escape user generated names for tags & titles associated with default widgets that are added to a user dashboard page, leading to a Cross Sit...
Cetera eCommerce - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/42059/info Cetera eCommerce is prone to multiple cross-site-scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code wou...
Impact Software AdPeeps - Cross-Site Scripting / HTML Injection
source: https://www.securityfocus.com/bid/42071/info Impact Software Ad Peeps is prone to multiple cross-site scripting vulnerabilities and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content...
Sourcefabric Campsite Articles - HTML Injection
source: https://www.securityfocus.com/bid/41780/info Sourcefabric Campsite is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code ...
eliteCMS Multiple Cross Site Scripting Vulnerabilities
eliteCMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the conte...
eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/41537/info eliteCMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script cod...