12 matches found
Phorum 5.0.14 Multiple Subject and Attachment HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12800/info Phorum is reportedly affected by multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated...
NolaPro Enterprise 4.0.5538 Cross Site Scripting and SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/39875/info NolaPro Enterprise is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials,...
SQLiteManager 1.2 Main.PHP Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22731/info SQLiteManager is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and script cod...
IFOBS - 'regclientprint.jsp' Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/55561/info IFOBS is prone to multiple HTML-injection vulnerabilities. Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how th...
Mantis 'manage_proj_cat_add.php' HTML Injection Vulnerability
Mantis is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing...
Kempt SiteDone 2.0 - detail.php Cross-Site Scripting SQL Injection
Kempt SiteDone 2.0 - detail.php Cross-Site Scripting SQL Injection source: https://www.securityfocus.com/bid/38856/info Kempt SiteDone is prone to an SQL-injection vulnerability and cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie-based...
Natychmiast CMS - Multiple Cross-Site Scripting / SQL Injections
source: https://www.securityfocus.com/bid/38561/info Natychmiast CMS is prone to multiple cross-site scripting and SQL-injection vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user,...
MKPortal 1.x - Multiple BBCode HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/36218/info MKPortal is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacke...
MySpace Scripts Poll Creator - index.php HTML Injection
MySpace Scripts Poll Creator - index.php HTML Injection source: https://www.securityfocus.com/bid/26544/info MySpace Scripts Poll Creator is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated...
Five Star Review Script - 'index2.php?sort' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18390/info Five Star Review Script is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to run arbitrary HTML and script code in the browser of a...
PHPX 3.5.9 - XCode Tag HTML Injection
source: https://www.securityfocus.com/bid/16799/info PHPX is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of the...
LiveJournal - Cleanhtml.pl HTML Injection
LiveJournal - Cleanhtml.pl HTML Injection source: https://www.securityfocus.com/bid/15990/info LiveJournal is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...