WorkBoard 1.2 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12009/info It is reported that WorkBoard is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could...

Wordpress Spider Catalog 1.1 HTML Code Injection and Cross-Site scripting

No description provided by source. 1 1 0 I'm D4NB4R member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Exploit Title: Wordpress Plugin Catalog HTML Code Injection and Cross-site scripting Dork: N/A Date: 31-10-2012 Author: Daniel Barragan D4NB...

Invision Power Board 1.0/1.1/1.2 Admin.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8381/info Invision Power Board admin.php script reported prone to a cross-site scripting vulnerability. The issue presents itself due to a lack of sufficient sanitization performed by functions in an Invision Power Board...

CuteNews 0.88/1.3 show_archives.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10620/info It is reported that CuteNews is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. The problems present...

FTLS GuestBook 1.1 Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6686/info Guestbook does not adequately filter HTML tags from various fields. This may enable an attacker to inject arbitrary script code into pages that are generated by the guestbook. The attacker's script code may be...

FreznoShop 1.2.3/1.3 Search Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9359/info FreznoShop is prone to a cross-site scripting vulnerability. Remote attackers may create malicious links to the software that include hostile HTML and script code. If such a link was followed by a victim user, t...

Divine Content Server 5.0 Error Page Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8763/info It has been reported that Divine Content Server is prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the 'pagename' attribute in the err...

GNU MyProxy 20030629 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9846/info It has been reported that GNU MyProxy may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to...

Expinion.net Member Management System 2.1 register.asp err Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/9932/info It has been reported that a number of Member Management System scripts are prone to cross-site scripting vulnerabilities. These issues are reportedly due to a failure to sanitize user input and so allow HTML and...

onepound Shop / CMS XSS and SQL Injection Vulnerabilities

No description provided by source. :: General information :: onepound shop / cms XSS and SQL Injection vulnerabilities :: by Valentin Hoebel :: [email protected] :: Product information :: Name = onepound shop / cms :: Vendor = onepound :: Vendor Website = http://www.onepound.cn :: About the...

Nuke Bookmarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12907/info Nuke Bookmarks is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate t...

iSupport 1.x - CSRF HTML Code Injection to Add Admin

No description provided by source. !/usr/bin/perl Title : iSupport v1.x = Html Code injection to add admin Author : Or4nG.M4n Version : 1.x Homepage : http://www.idevspot.com/iSupport.php Google Dork: Powered by iSupport 1.8 Homepage : http://www.idevspot.com/ Thnks :...

AOL Instant Messenger 4.x/5.x Smiley Icon Location Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13553/info AOL Instant Messenger is reported prone to a remote denial of service vulnerability. The issue manifests when the affected client application handles a chat invitation, a file transfer, or a game request that...

Sambar Server 5.x results.stm Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6643/info Sambar Server does not adequately filter some HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will be...

PluggedOut Blog 1.51/1.60 Blog_Exec.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10885/info PluggedOut Blog is reported prone to a cross-site scripting vulnerability. This could allow for execution of hostile HTML and script code in the web client of a user who visits a malicious link to the vulnerabl...

NOCC 1.0 html_bottom_table.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject...

CutePHP CuteNews 1.3 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8060/info CutePHP is prone to HTML injection attacks. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, user-supplied input to news posts are not sufficiently sanitized of...

PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module

No description provided by source. Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...

Mozilla Firefox 2.0.0.7 Malformed XBL Constructor Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26172/info Mozilla Firefox is prone to a remote denial-of-service vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to cause denial-of-service conditions. Firefox...

PHP ManualMaker 1.0 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18244/info PHP ManualMaker is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to...