SQLiteManager 1.2 Main.PHP Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/22731/info SQLiteManager is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and script cod...

NolaPro Enterprise 4.0.5538 Cross Site Scripting and SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/39875/info NolaPro Enterprise is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials,...

Phorum 5.0.14 Multiple Subject and Attachment HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12800/info Phorum is reportedly affected by multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated...

IFOBS - 'regclientprint.jsp' Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/55561/info IFOBS is prone to multiple HTML-injection vulnerabilities. Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how th...

Mantis 'manage_proj_cat_add.php' HTML Injection Vulnerability

Mantis is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing...

Kempt SiteDone 2.0 - detail.php Cross-Site Scripting SQL Injection

Kempt SiteDone 2.0 - detail.php Cross-Site Scripting SQL Injection source: https://www.securityfocus.com/bid/38856/info Kempt SiteDone is prone to an SQL-injection vulnerability and cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie-based...

Natychmiast CMS - Multiple Cross-Site Scripting / SQL Injections

source: https://www.securityfocus.com/bid/38561/info Natychmiast CMS is prone to multiple cross-site scripting and SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user,...

MKPortal 1.x - Multiple BBCode HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/36218/info MKPortal is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacke...

MySpace Scripts Poll Creator - index.php HTML Injection

MySpace Scripts Poll Creator - index.php HTML Injection source: https://www.securityfocus.com/bid/26544/info MySpace Scripts Poll Creator is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated...

Five Star Review Script - 'index2.php?sort' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18390/info Five Star Review Script is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to run arbitrary HTML and script code in the browser of a...

PHPX 3.5.9 - XCode Tag HTML Injection

source: https://www.securityfocus.com/bid/16799/info PHPX is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of the...

LiveJournal - Cleanhtml.pl HTML Injection

LiveJournal - Cleanhtml.pl HTML Injection source: https://www.securityfocus.com/bid/15990/info LiveJournal is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...