CVE-2025-36230

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

CVE-2025-36230 XSS in IBM Aspera Faspex

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

CVE-2025-36121

IBM OpenPages 9.1 and 9.0 is vulnerable to HTML injection. A remotely authenticated attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

CVE-2024-49343

IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

Security Bulletin: IBM CICS TX Standard is vulnerable to HTML injection (CVE-2022-34160)

Summary IBM CICS TX Standard could allow a remote attacker to inject malicious HTML code. The fix removes this vulnerability CVE-2022-34160 from IBM CICS TX Standard. Vulnerability Details CVEID:CVE-2022-34160 DESCRIPTION: IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A...

CVE-2018-1671

IBM Curam Social Program Management 7.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-force ID: 144951...

Input validation

Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655...

Input validation

IBM DOORS Next Generation DNG/RRC 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124756...

CVE-2016-9696

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM Reference : 1999960...

Design/Logic Flaw

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM Reference : 1999960...

NetWin DBabble 2.5 i Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8637/info A cross-site scripting problem has been reported in NetWin DBabble. This could make it possible for an attacker to potentially execute code in the security context of a site using the vulnerable software. This...

Blackhole Exploit Kit attack on WampServer & Wordpress sites

Blackhole Exploit Kit attack on WampServer & Wordpress sites Kimberly from Stopmalvertising found Blackhole Exploit Kit on Website of most popular Webserver software site WAMPSERVER. Almost at the bottom of the webpage they notice a Javascript requesting a file from jquery.googlecode.com. The URL...

iScripts EasySnaps 2.0 Multiple SQL Injection Vulnerabilities

Exploit for php platform in category web applications ============================================================= iScripts EasySnaps 2.0 Multiple SQL Injection Vulnerabilities ============================================================= iScripts EasySnaps Multiple SQL Injection Vulnerabilities...

Sql injection

SQL injection vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remote attackers to execute arbitrary SQL commands via the cat parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

CVE-2007-0950

Cross-site scripting XSS vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

CVE-2007-0951

Technical details (affected products, versions, root cause, or fixes) are not publicly available in the provided connected documents. Monitor for updates.

CVE-2007-0950

CVE-2007-0950 is an XSS vulnerability in listmain.asp of the Fullaspsite ASP Hosting Site, exploitable by injecting arbitrary script via the cat parameter. The NVD entry records a CVSS v2 base score of 6.8 (Network attack vector, Medium access complexity, No authentication, Partial impact on conf...

Fullaspsite ASP Hosting Site - listmain.asp?cat Cross-Site Scripting

Fullaspsite ASP Hosting Site - listmain.asp?cat Cross-Site Scripting source: https://www.securityfocus.com/bid/22545/info Fullaspsite Shop is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to...