1007 matches found
ANI-DoS.txt
1111111111111111111111...
CVE-2004-2138
Cross-site scripting XSS vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the 1 Name, 2 Email, 3 Homepage or 4 Comments field...
UBBCentral UBB.Threads 6.2.3/6.5 - 'calendar.php?Cat' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamically generated web...
Microsoft Internet Explorer 6 - Font Tag Denial of Service
Microsoft Internet Explorer 6 - Font Tag Denial of Service source: https://www.securityfocus.com/bid/11536/info Microsoft Internet Explorer is reported prone to a remote denial of service vulnerability. The issue presents itself due to a malfunction that occurs when certain font tags are...
Verylost LostBook 1.1 - Message Entry HTML Injection
Verylost LostBook 1.1 - Message Entry HTML Injection source: https://www.securityfocus.com/bid/10825/info Reportedly Verylost lostBook is affected by an HTML injection vulnerability in its message entry functionality. This issue is due to a failure of the application to properly validate and...
e107 Website System 0.5/0.6 - 'Log.php' HTML Injection
source: https://www.securityfocus.com/bid/10395/info It is reported that e107 website system is prone to a remote HTML injection vulnerability. This issue is due to a failure by the application to properly sanitize user-supplied input. The problem presents itself when a user supplies malicious HT...
PISG 0.54 - IRC Nick HTML Injection
PISG 0.54 - IRC Nick HTML Injection source: https://www.securityfocus.com/bid/10195/info pisg has been reported prone to an input validation vulnerability. The issue will only present itself when pisg is used to monitor an IRC server that does not place limitations on IRC Nick values that can be...
BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9516/info BRS WebWeaver has been reported prone to a cross-site scripting vulnerability. An attacker may create a malicious link to the vulnerable server that includes embedded HTML and script code. If this link is followed by a victim user, hostile code...
Xoops 2.0.x - viewtopic.php Cross-Site Scripting
Xoops 2.0.x - viewtopic.php Cross-Site Scripting source: https://www.securityfocus.com/bid/9497/info It has been reported that Xoops may be prone to a cross-site scripting vulnerability that may allow a remote user to execute HTML or script code in a user's browser. HTML and script code may be...
Xoops 2.0.x - 'viewtopic.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9497/info It has been reported that Xoops may be prone to a cross-site scripting vulnerability that may allow a remote user to execute HTML or script code in a user's browser. HTML and script code may be parsed via the 'topicid' and 'forum' URI parameters...
PHPGedView 2.52.6 - Individual.php Cross-Site Scripting
PHPGedView 2.52.6 - Individual.php Cross-Site Scripting source: https://www.securityfocus.com/bid/11882/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This iss...
L-Soft 1.8 - Listserv Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/9307/info Multiple cross-site scripting vulnerabilities have been reported in L-Soft Listserv. An attacker may exploit these issues by embedding hostile HTML and script code in a link to a site hosting the software. This could permit theft of cookie-based...
Psychoblogger PB-beta1 - errormessage Cross-Site Scripting
source: https://www.securityfocus.com/bid/9293/info It has been reported that Psychoblogger may be prone to multiple cross-site scripting vulnerabilities that may allow a remote attacker to execute HTML or script code in a user's browser. The issues are reported to exist in the 'imageview.php',...
My Little Forum 1.3 - 'email.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9286/info my little forum is prone to a cross-site scripting vulnerability in the 'email.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via the URI parameters. A remote attacker could...
osCommerce 2.2 - manufacturers_id Cross-Site Scripting
osCommerce 2.2 - manufacturersid Cross-Site Scripting source: https://www.securityfocus.com/bid/9277/info A vulnerability has been reported to exist in the software that may allow a remote user to launch cross-site scripting attacks. The problem is reported to exist due to improper sanitizing of...
Virtual Programming VP-ASP 4/5 - 'shopdisplayproducts.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9164/info A vulnerability has been reported to exist in VP-ASP software that may allow a remote user to launch cross-site scripting attacks. A remote attacker may exploit this issue to potentially execute HTML or script code in the security context of the...
NullLogic Null HTTPd 0.5.1 - Error Page Long HTTP Request Cross-Site Scripting
source: https://www.securityfocus.com/bid/8695/info It has been reported that Null HTTPd is prone to a cross-site scripting vulnerability when displaying error pages that may allow an attacker to execute HTML or script code in a user's browser. The issue was previously reported and fixed BID 5603...
AldWeb MiniPortail 1.92.x - LNG Cross-Site Scripting
AldWeb MiniPortail 1.92.x - LNG Cross-Site Scripting source: https://www.securityfocus.com/bid/8504/info cross-site scripting vulnerability has been reported for miniPortail. The vulnerability exists due to insufficient sanitization of some user-supplied values. Specifically, malicious HTML code ...
AldWeb MiniPortail 1.9/2.x - 'LNG' Cross-Site Scripting
source: https://www.securityfocus.com/bid/8504/info cross-site scripting vulnerability has been reported for miniPortail. The vulnerability exists due to insufficient sanitization of some user-supplied values. Specifically, malicious HTML code is not sanitized from a URI parameter passed to...
IdealBB 1.4.9 Beta - HTML Injection
source: https://www.securityfocus.com/bid/8480/info IdealBB is prone to an HTML injection vulnerability. This could permit remote attackers to inject malicious HTML and script code into board messages. The attacker's code may be rendered in the web browser of the user viewing the malicious messag...