145 matches found
Search Network 2.0 - 'query' Cross-Site Scripting
source: https://www.securityfocus.com/bid/49064/info Search Network is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities
Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/49051/info Softbiz Recipes Portal script is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may...
ChatLakTurk PHP Botlu Video - 'ara.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/47428/info ChatLakTurk PHP Botlu Video is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...
rbot 0.9.14 - '!react' Unauthorized Access
source: https://www.securityfocus.com/bid/39915/info Rbot is prone to an unauthorized-access vulnerability because it fails to adequately sanitize user supplied data. An attacker can exploit this vulnerability to gain administrative rights to the rbot application. This will allow a remote attacke...
ShopEx Single 4.5.1 - 'errinfo' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39941/info ShopEx Single is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
DataLife Engine 8.3 - '/engine/ajax/addcomments.php?_REQUEST[skin]' Remote File Inclusion
source: https://www.securityfocus.com/bid/37851/info Datalife Engine is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the computer; other attacks a...
Kasseler CMS 1.3.4 Lite - Multiple Cross-Site Scripting Vulnerabilities
Kasseler CMS 1.3.4 Lite - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/37435/info Kasseler CMS is prone to multiple cross site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or...
PHP-Calendar 1.1 - 'update10.php?configfile' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/37450/info PHP-Calendar is prone to multiple remote and local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to execute arbitrary local and remote scripts in the...
Article Directory - 'login.php' SQL Injection
source: https://www.securityfocus.com/bid/37356/info Article Directory is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
Autodesk Maya Script Nodes Arbitrary Command Execution
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Autodesk Maya Script Nodes Arbitrary Command Execution 1. Advisory Information Title: Autodesk Maya Script Nodes Arbitrary Command...
Core Security Technologies Advisory 2009.0908
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Autodesk SoftImage Scene TOC Arbitrary Command Execution 1. Advisory Information Title: Autodesk SoftImage Scene TOC Arbitrary Command Execution Advisory Id:...
Autodesk SoftImage Scene TOC - Arbitrary Command Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Autodesk SoftImage Scene TOC Arbitrary Command Execution 1. Advisory Information Title: Autodesk SoftImage Scene TOC Arbitrary Command Execution Advisory Id:...
Autodesk SoftImage Scene TOC Arbitrary Command Execution
Exploit for unknown platform in category local exploits ======================================================== Autodesk SoftImage Scene TOC Arbitrary Command Execution ======================================================== Title: Autodesk SoftImage Scene TOC Arbitrary Command Execution CVE-ID...
PHD Help Desk 1.43 - area_list.php Multiple Cross-Site Scripting Vulnerabilities
PHD Help Desk 1.43 - arealist.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/37029/info PHD Help Desk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied...
Snitz Forums 2000 Cross Site Scripting and HTML Injection Vulnerabilities
Snitz Forums 2000 is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal...
AfterLogic WebMail Pro 4.7.10 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/36605/info AfterLogic WebMail Pro is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site,...
Joomla! Component com_mediaalert - id SQL Injection
Joomla! Component commediaalert - id SQL Injection source: https://www.securityfocus.com/bid/36356/info The 'commediaalert' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting thi...
Paypal Shopping Cart Script - 'index.php?cid' SQL Injection
source: https://www.securityfocus.com/bid/43471/info Paypal Shopping Cart Script is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal...
phpGroupWare Multiple Input Validation Vulnerabilities
phpGroupWare is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
XOOPS 2.3.3 - 'op' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/35895/info XOOPS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...