SiteBar <= 3.3.8 integrator.php lang Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple...

osCommerce 2.2 admin/zones.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...

AIOCP 1.3.x cp_codice_fiscale.php choosed_language Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal...

ForumJBC 4.0 Haut.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19992/info ForumJBC is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverge this issue to have arbitrary script code execute in the browser of...

DRZES HMS 3.2 Login.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15766/info DRZES HMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scri...

PHP Running Management 1.0.2 'index.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27268/info PHP Running Management is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

PluggedOut Blog 1.51/1.60 Blog_Exec.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10885/info PluggedOut Blog is reported prone to a cross-site scripting vulnerability. This could allow for execution of hostile HTML and script code in the web client of a user who visits a malicious link to the vulnerabl...

Datecomm 1.1 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18502/info Datecomm is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Java Search Engine 0.9.34 Search.JSP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15687/info Java Search Engine is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

OneWorldStore OWListProduct.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13185/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

LandShop 0.6.3 ls.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20989/info LandShop is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based...

WordPress WP-FeedStats 2.1 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25085/info The WP-FeedStats plugin for WordPress is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML...

LandShop 0.6.3 ls.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20989/info LandShop is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal cookie-based...

TCLHttpd 3.4.2 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/8688/info It has been reported that several of the modules included with TCLHTtpd are vulnerable to cross-site scripting attacks. According to the report, the Status, Debug, Mail and Admin modules are affected by these...

PG MatchMaking search.php show Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/35808/info PG Matchmaking is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in t...

PhpWebGallery 1.4.1 category.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17421/info PHPWebGallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

Microsoft SharePoint Server 2.0 Picture Source HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28706/info Microsoft SharePoint Server is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Note that to perform attacks, an attacker requires access to a user...

Chipmunk Guestbook 1.4 Homepage HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16112/info Chipmunk Guestbook is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

MyServer 0.8 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13578/info myServer is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scrip...

Thwboard Beta 2.8 misc.php userid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of proper sanitization of...