osCommerce 2.2 admin/languages.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...

Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21620/info Omniture SiteCatalyst is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...

ac4p Mobile index.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execu...

WikiNi 0.4.x Waka.PHP Multiple HTML-Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20688/info WikiNi is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. An attacker may leverage these...

DieselScripts Diesel Paid Mail Getad.PHP

漏洞类型： 输入验证错误 漏洞文件： Getad.PHP 漏洞危害： 攻击者利用该漏洞可以获取用户cookie，从而执行其他攻击行为 解决方案： 厂商没有补丁，推荐使用加速乐: source: http://www.securityfocus.com/bid/19646/info Paid Mail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

osCommerce 2.2 admin/stats_products_purchased.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...

Azerbaijan Development Group AzDGDatingPlatinum 1.1 .0 view.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13082/info AzDGDatingPlatinum is reported prone to multiple vulnerabilities. The following specific issues were identified: - Multiple SQL-injection vulnerabilities. These issues could permit remote attackers to pass...

PHP iCalendar 1.12.x - day.php Cross-Site Scripting

PHP iCalendar 1.12.x - day.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...

BlueSocket BSC 2100 5.0/5.1 - Admin.pl Cross-Site Scripting

source: https://www.securityfocus.com/bid/21419/info BlueSocket BSC 2100 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in...

Selenium Web Server 1.0 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/21100/info Biba Selenium Web Server is prone to a cross-site scripting because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting...

ac4p Mobile - 'send.php?cats' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecti...

Jamroom 3.0.16 - 'login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20162/info Jamroom is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context ...

DieselScripts Job Site - Forgot.php Multiple Cross-Site Scripting Vulnerabilities

DieselScripts Job Site - Forgot.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/19622/info Multiple cross-site scripting vulnerabilities affect Job Site because the application fails to properly sanitize user-supplied input before including it in...

e107 0.7.5 - Subject HTML Injection

e107 0.7.5 - Subject HTML Injection source: https://www.securityfocus.com/bid/18560/info The e107 CMS is prone to an HTML-injection vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site...

iFusion iFlance 1.1 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/18399/info iFlance is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

Enigma Haber 4.2 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/18226/info Enigma Haber is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser ...

timobraun Dynamic Galerie 1.0 - galerie.php?pfad Arbitrary Directory Listing

timobraun Dynamic Galerie 1.0 - galerie.php?pfad Arbitrary Directory Listing source: https://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to...