45 matches found
PT-2024-23654 · Unknown · Rageframe2
Name of the Vulnerable Software and Affected Versions: RageFrame2 version 2.6.43 Description: A Reflected Cross Site Scripting XSS issue allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the multiple parameter in...
ThinkPHP Multiple Parameter RCE
Binary data thinkphprce.nbin...
Oracle Application Testing Suite DownloadServlet Multiple Parameter Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to exfiltrate arbitrary files on vulnerable installations of Oracle Application Testing Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DownloadServlet. By providing repository, workspace, or...
ActiveHelper LiveHelp Server 3.1.0 - server/offline.php Multiple Parameter XSS
The activehelper-livehelp WordPress plugin was affected by a server/offline.php Multiple Parameter XSS security vulnerability...
GroupDocs Viewer 1.4.1 - grpdocs-dialog.php Multiple Parameter XSS
The GroupDocs.Viewer for Cloud WordPress plugin was affected by a grpdocs-dialog.php Multiple Parameter XSS security vulnerability...
GroupDocs Comparison <= 1.0.2 - Multiple Parameter XSS
The GroupDocs.Comparison for Cloud WordPress plugin was affected by a Multiple Parameter XSS security vulnerability...
Car Demon 1.0.1 - /wp-admin/post.php Multiple Parameter XSS
The Car Demon WordPress plugin was affected by a /wp-admin/post.php Multiple Parameter XSS security vulnerability...
LBG Zoominoutslider - settings_form.php Multiple Parameter Stored XSS
The lbgzoominoutslider WordPress plugin was affected by a settingsform.php Multiple Parameter Stored XSS security vulnerability...
LeagueManager <= 3.7 - wp-admin/admin.php Multiple Parameter XSS
The LeagueManager WordPress plugin was affected by a wp-admin/admin.php Multiple Parameter XSS security vulnerability...
TikiWiki Project 1.8 messu-read.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting,...
CarLine Forum Russian Board 4.2 memory.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14045/info Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks. Forum Russian Board 4.2 ...
phpGroupWare 0.9.x index.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11952/info Reportedly PHPGroupWare contains multiple input validation vulnerabilities; it is prone to multiple SQL injection and cross-site scripting issues. These issues are all due to a failure of the application to...
iSupport 1.8 ticket_function.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/37380/info iDevSpot iSupport is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input An attacker may leverage these issues to execute arbitrary...
ac4p Mobile polls.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execu...
VWar 1.x war.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/19327/info Vwar is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. These issues occur because the application fails to properly sanitize user-supplied input. A...
Dojo Toolkit <= 1.4.1 doh\runner.html Multiple Parameter XSS
No description provided by source...
Smart-Shop index.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/26232/info SMART-SHOP is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities may allow an attacker to perform...
CarLine Forum Russian Board 4.2 menu_footer.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14045/info Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks. Forum Russian Board 4.2 ...
CarLine Forum Russian Board 4.2 reply_in.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14045/info Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks. Forum Russian Board 4.2 ...
OpManager 6/7 reports/ReportViewAction.do Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...