Apache Geronimo 2.1.x - consoleportal URI Cross-Site Scripting

Apache Geronimo 2.1.x - consoleportal URI Cross-Site Scripting source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple...

Apache Geronimo 2.1.x - Cross-Site Request Forgery (Multiple Admin Function)

source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple HTML-injection vulnerabilities - A cross-site request-forgery...

Pre ASP Job Board - 'emp_login.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/32572/info Pre ASP Job Board is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Microsoft Internet Explorer Event Handling Cross Domain Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain security-bypass vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to execute arbitrary script code in another browser window's security zone. This may allow...

Gentoo Security Advisory GLSA 200604-12 (mozilla-firefox)

The remote host is missing updates announced in advisory GLSA 200604-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nooms 1.1 - 'smileys.php?page_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31131/info NooMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

mUnky 0.01 - 'index.php' Remote Code Execution

source: https://www.securityfocus.com/bid/30705/info mUnky is prone to a remote code-execution vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue allows attackers to cause the application to execute arbitrary script code in the context of t...

Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities

Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/30542/info Pluck is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

Claroline 1.8.9 - 'work/work.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser ...

Claroline 1.8.9 - 'exercise/exercise.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser ...

Tiny Portal 1.0 - 'shouts' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28630/info Tiny Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...

Poplar Gedcom Viewer 2.0 - Search Page Multiple Cross-Site Scripting Vulnerabilities

Poplar Gedcom Viewer 2.0 - Search Page Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/28608/info Poplar Gedcom Viewer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...

Nuke ET 3.4 - 'mensaje' HTML Injection

source: https://www.securityfocus.com/bid/28614/info Nuke ET is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Attackers will likely require access to a user account to perform attacks. Exploiting this issue may allow an attacker to...

Domain Trader 2.0 - 'catalog.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27571/info Domain Trader is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

GLSA-200710-31 : Opera: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200710-31 Opera: Multiple vulnerabilities Michael A. Puls II discovered an unspecified flaw when launching external email or newsgroup clients CVE-2007-5541. David Bloom discovered that when displaying frames from different...

Hackish 1.1 - 'Blocco.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26167/info Hackish is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

SiteBar 3.3.8 - integrator.php?lang Cross-Site Scripting

SiteBar 3.3.8 - integrator.php?lang Cross-Site Scripting source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability -...

SiteBar 3.3.8 - translator.php?updcmdActionedit Arbitrary PHP Code Execution

SiteBar 3.3.8 - translator.php?updcmdActionedit Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include...

WordPress Core 2.2 - 'Request_URI' Cross-Site Scripting

source: https://www.securityfocus.com/bid/24383/info WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user. This...

Doop Content Management System 1.3.x - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/23482/info Doop Content Management System is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication...