1017 matches found
Miro Broadcast Machine 0.9.9 Login.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26407/info Miro Broadcast Machine is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script...
Microsoft Internet Explorer 6.0 Search Pane URI Obfuscation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11851/info A remote URI obfuscation vulnerability has been found in Internet Explorer's search pane functionality. This issue is due to a failure of the application to present the URI address of HTML and script code loade...
Joomla_1.6.0-Alpha2 XSS Vulnerabilities
No description provided by source. Title:Joomla1.6.0-Alpha2 XSS Vulnerabilities Date: 2010-05-02 Author: mega-itec.com Software Link: http://joomlacode.org/gf/download/frsrelease/11322/45252/Joomla1.6.0-Alpha2-Full-Package.zip Version: 1.6.0-alpha2 Tested on: relevant os CVE : Code :...
OpenBB 1.0 .0 RC3 BBCode Cross Agent HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4819/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reportedly vulnerable to HTML injection attacks. The...
AneCMS 1.3 Persistant XSS Vulnerability
No description provided by source. Exploit Title: AneCMS 1.3 Persistant XSS Date: 17.1.2011 Author: Penguin Visit: www.null-sector.info Software Link: http://anecms.com/anecms.zip Version: 1.3 Tested on: Linux I Vulnerability ---------------------- You can add blogpost comments that does not get...
GigPress 2.1.10 Wordpress Plugin Stored XSS Vulnerability
No description provided by source. Exploit Title: GigPress 2.1.10 wordpress plugin Stored XSS Date: 21-2-2011 Author: Saif El-Sherei Version: GigPress 2.1.10, WordPress 3.0.5 Tested on: FireFox 3.6.13, IE 8 Vendor Response: plugin Author released an update to fix this issue Info: GigPress is a...
Escapade 0.2.1 Beta Scripting Engine PAGE Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8573/info A cross-site scripting vulnerability has been reported for Escapade. The vulnerability exists due to insufficient sanitization of some user-supplied values. An attacker could exploit this issue to execute...
XOOPS 1.0 RC3 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5785/info Problems with XOOPS could make it possible to execute arbitrary script code in a vulnerable client. XOOPS does not sufficiently filter potentially malicious HTML code from posted messages. As a result, when a us...
PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module
No description provided by source. Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...
Invision Power Board 1.3 Pop Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9822/info It has been reported that Invision Power Board may be prone to a cross-site scripting vulnerability. This may allow a remote attacker to cause hostile HTML or script code to be rendered in a user's browser via a...
Webcam Corp Webcam Watchdog 4.0.1 sresult.exe Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10837/info Reportedly Webcam Corp Webcam Watchdog is affected by a remote cross-site scripting vulnerability in the sresult.exe binary. This issue is due to a failure of the application to properly sanitize user-supplied...
PluggedOut Blog 1.51/1.60 Blog_Exec.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10885/info PluggedOut Blog is reported prone to a cross-site scripting vulnerability. This could allow for execution of hostile HTML and script code in the web client of a user who visits a malicious link to the vulnerabl...
Expinion.net Member Management System 2.1 register.asp err Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/9932/info It has been reported that a number of Member Management System scripts are prone to cross-site scripting vulnerabilities. These issues are reportedly due to a failure to sanitize user input and so allow HTML and...
Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities
No description provided by source. !-- Digital Scribe 1.5 registerform Multiple POST XSS Vulnerabilities Vendor: Digital Scribe Product web page: http://www.digital-scribe.org Affected version: 1.5 Summary: The Digital Scribe is a free, intuitive system designed to help teachers put student work...
Wordpress Spider Catalog 1.1 HTML Code Injection and Cross-Site scripting
No description provided by source. 1 1 0 I'm D4NB4R member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Exploit Title: Wordpress Plugin Catalog HTML Code Injection and Cross-site scripting Dork: N/A Date: 31-10-2012 Author: Daniel Barragan D4NB...
FTLS GuestBook 1.1 Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6686/info Guestbook does not adequately filter HTML tags from various fields. This may enable an attacker to inject arbitrary script code into pages that are generated by the guestbook. The attacker's script code may be...
KDE Konqueror <= 3.5.7 Assert Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25170/info KDE Konqueror is prone to a remote denial-of-service vulnerability because it fails to handle improperly formated HTML code. An attacker may exploit this vulnerability to cause Konqueror to crash, resulting in...
MTP Poll 1.0 - Multiple XSS Vulnerabilities
No description provided by source. ?!-- MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: More than poll is a polling system with a powerful administration tool. It features: multiple pools,...
Sambar Server 5.x results.stm Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6643/info Sambar Server does not adequately filter some HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will be...
RSA ClearTrust 4.6/4.7 Login Page Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7108/info A cross-site scripting vulnerability has been discovered in ClearTrust. Specifically, the login page for the management application is not properly sanitized of some user-supplied values. An attacker can exploit...