224 matches found
Extcalendar 1.0 - Cross-Site Scripting
Extcalendar 1.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/17146/info ExtCalendar is prone to four cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to ha...
TextFileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/17029/info The 'textfileBB' application is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrar...
RunCMS 1.x - Bigshow.php Cross-Site Scripting
RunCMS 1.x - Bigshow.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16970/info RunCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML...
Woltlab Burning Board 1.1.12.x - galerie_onfly.php Cross-Site Scripting
Woltlab Burning Board 1.1.12.x - galerieonfly.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16843/info Woltlab Burning Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker ma...
JGS-Gallery 4.0 - jgs_galerie_slideshow.php Multiple Cross-Site Scripting Vulnerabilities
JGS-Gallery 4.0 - jgsgalerieslideshow.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An...
JGS-Gallery 4.0 - 'jgs_galerie_slideshow.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of ...
JGS-Gallery 4.0 - 'Board jgs_galerie_scroll.php?userid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of ...
NOCC 1.0 - 'html_bottom_table.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject arbitrary PHP code and execute it ...
Rockliffe MailSite 5.3.4/6.1.22/7.0.3 - HTTP Mail Management Cross-Site Scripting
source: https://www.securityfocus.com/bid/16330/info MailSite is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...
GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities
GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16255/info GTP iCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspectin...
PHP-Fusion 6.0 - members.php Cross-Site Scripting
PHP-Fusion 6.0 - members.php Cross-Site Scripting source: https://www.securityfocus.com/bid/15931/info PHP-Fusion is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to ha...
Thwboard Beta 2.8 - v_profile.php?user SQL Injection
Thwboard Beta 2.8 - vprofile.php?user SQL Injection source: https://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of prop...
Thwboard Beta 2.8 - 'misc.php?userid' SQL Injection
source: https://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of proper sanitization of user-supplied input. A remote...
JSE XSS vuln.
JSE XSS vuln. Vuln. dicovered by : r0t Date: 2 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/jse-xss-vuln.html Vendor:http://www.me.lv/jse/index.html affected version:0.9.34 Product Description: Java Search Engine is a server-side search engine program for web sites. Search engin...
blogBuddies 0.3 - magpie_debug.php?url Cross-Site Scripting
blogBuddies 0.3 - magpiedebug.php?url Cross-Site Scripting source: https://www.securityfocus.com/bid/15555/info blogBuddies is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
Simple PHP Blog 0.4 - preview_static_cgi.php Multiple Cross-Site Scripting Vulnerabilities
Simple PHP Blog 0.4 - previewstaticcgi.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize...
Chipmunk Forum - newtopic.php?forumID Cross-Site Scripting
Chipmunk Forum - newtopic.php?forumID Cross-Site Scripting source: https://www.securityfocus.com/bid/15149/info Chipmunk products are prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker...
Calendar Express Multiple Vulnerabilities (SQLi, XSS)
The remote host is using Calendar Express, a PHP web calendar. Vulnerabilities exist in this version that could allow an attacker to execute arbitrary HTML and script code in the context of the user's browser, and SQL injection. An attacker could exploit these flaws to use the remote host to...
MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/14751/info MAXdev MD-Pro is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...
Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection
source: https://www.securityfocus.com/bid/14748/info Unclassified NewsBoard is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed i...