36 matches found
Axis Commerce 0.8.7.2 Remote Script Insertion Vulnerabilities
Summary Powerful open source ecommerce platform. Description Axis Commerce suffers from multiple stored XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and...
Zend Server 5.6.0 multiple remote script insertion defect and repair-vulnerability warning-the black bar safety net
!-- Title: Zend Server 5.6.0 Multiple Remote Script Insertion Vulnerabilities Author: Zend Technologies Ltd. Product home page: http://www.zend.com Affected version: Zend Server 5.6.0 Zend Optimizer+ 4.1 Zend Code Tracing 1.0 Zend Data Cache 4.0 Zend Job Queue 4.0 Zend Debugger 5.3 Zend Java Brid...
Zend Server 5.6.0 - Multiple Remote Script Insertion Vulnerabilities
Zend Server 5.6.0 - Multiple Remote Script Insertion Vulnerabilities !-- Title: Zend Server 5.6.0 Multiple Remote Script Insertion Vulnerabilities Vendor: Zend Technologies Ltd. Product web page: http://www.zend.com Affected version: Zend Server 5.6.0 Zend Optimizer+ 4.1 Zend Code Tracing 1.0 Zen...
Zend Server 5.6.0 Multiple Remote Script Insertion Vulnerabilities
Summary Zend Server is a complete, enterprise-ready Web Application Server for running and managing PHP applications. Description Zend Server and its components suffers from a cross-site scripting vulnerability. The persistent stored XSS issues are triggered when input passed via several paramete...
acontent 1.1 - Multiple Vulnerabilities
acontent 1.1 - Multiple Vulnerabilities AContent 1.1 Multiple SQL Injection Vulnerabilities Vendor: ATutor Inclusive Design Institute Product web page: http://www.atutor.ca Affected version: 1.1 build r296 Summary: AContent is an open source learning content authoring system and respository used ...
AContent 1.1 (category_name) Remote Script Insertion Vulnerability
Summary AContent is an open source learning content authoring system and respository used to create interoperable, accessible, adaptive Web-based learning content. It can be used along with learning management systems to develop, share, and archive learning materials. Description AContent suffers...
acontent 1.1 - Multiple Vulnerabilities
AContent 1.1 Multiple SQL Injection Vulnerabilities Vendor: ATutor Inclusive Design Institute Product web page: http://www.atutor.ca Affected version: 1.1 build r296 Summary: AContent is an open source learning content authoring system and respository used to create interoperable, accessible,...
Oracle MySQL Eventum 2.3 Cross Site Scripting
Oracle MySQL Eventum 2.3 Remote Script Insertion Vulnerabilities Vendor: MySQL AB / Oracle Corporation Product web page: http://forge.mysql.com/wiki/Eventum Affected version: 2.2 and 2.3 Summary: Eventum is a user-friendly and flexible issue tracking system that can be used by a support departmen...
CVE-2004-0203
Cross-site scripting XSS vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query...
CVE-2003-0769
Cross-site scripting XSS vulnerability in the ICQ Web Front guestbook guestbook.html allows remote attackers to insert arbitrary web script and HTML via the message field...
CVE-2003-0446
Cross-site scripting XSS in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message...
CVE-2003-0481
Multiple cross-site scripting XSS vulnerabilities in TUTOS 1.1 allow remote attackers to insert arbitrary web script, as demonstrated using the msg parameter to fileselect.php...
CVE-2003-0416
Cross-site scripting XSS vulnerability in index.cgi for Bandmin 1.4 allows remote attackers to insert arbitrary HTML or script via 1 the year parameter in a showmonth action, 2 the month parameter in a showmonth action, or 3 the host parameter in a showhost action...
CVE-2003-0341
Cross-site scripting XSS vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field...
CVE-2003-0278
Cross-site scripting XSS vulnerability in normalhtml.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to insert arbitrary web script via the file parameter...
CVE-2002-1335
Cross-site scripting XSS vulnerability in w3m 0.3.2 does not escape an HTML tag in a frame, which allows remote attackers to insert arbitrary web script or HTML and access files or cookies...