New-CMS 1.08 - Multiple Local File Inclusion HTML Injection Vulnerabilities

New-CMS 1.08 - Multiple Local File Inclusion HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/38307/info New-CMS is prone to multiple local file-include vulnerabilities and an HTML-Injection vulnerability because it fails to properly sanitize user-supplied input. An attack...

JSPWiki 2.5.139 - UserPreferences.jsp Multiple Cross-Site Scripting Vulnerabilities

JSPWiki 2.5.139 - UserPreferences.jsp Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/25803/info JSPWiki is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting issues and an HTML-injection issue, because the applicati...

TSguestbook 2.1 - Message HTML Injection

TSguestbook 2.1 - Message HTML Injection source: https://www.securityfocus.com/bid/8520/info It has been reported that TSguestbook may be prone to HTML injection attacks. The problem is said to occur due to insufficient sanitization of user-supplied input within the 'message' field. As a result, ...

Phorum 3.4.x - 'Message Form' HTML Injection

source: https://www.securityfocus.com/bid/7545/info An HTML injection issue has been reported which may lead to unauthorized code execution. It has been reported that it is possible to inject HTML or script code into the subject and other fields of a message in Phorum. This may be done by includi...