eTicket 1.5.5 'newticket.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27130/info eTicket is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverag...

Cross site scripting

Cross-site scripting XSS vulnerability in newticket.php in IsolSoft Support Center 2.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

CVE-2009-4542

The CVE 2009-4542 describes an Cross-site Scripting (XSS) vulnerability in IsolSoft Support Center 2.5, specifically in newticket.php where the lang parameter can be exploited to inject arbitrary script/HTML. This allows an attacker to execute client-side code in a victim’s browser, with the CVSS...

CVE-2008-0093

Multiple cross-site scripting XSS vulnerabilities in newticket.php in eTicket 1.5.5.2, and 1.5.6 RC2 and RC3, allow remote attackers to inject arbitrary web script or HTML via the 1 Name and 2 Subject parameters...

CVE-2006-6159

Multiple cross-site scripting XSS vulnerabilities in newticket.php in DeskPRO 2.0.0 and 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 message or 2 subject parameter...

CVE-2006-6159

CVE-2006-6159 describes multiple cross-site scripting (XSS) vulnerabilities in DeskPRO 2.0.0 and 2.0.1, exploitable via the message or subject parameters in newticket.php. The underlying issue is that remote attackers can inject arbitrary web script or HTML. The CVSS basis is 6.8 (Medium), with n...