SkaDate Lite 2.0 CSRF / Cross Site Scripting

SkaDate Lite 2.0 Mu...

User Friendly SVN 'login' Cross Site Scripting Vulnerability

User Friendly SVN is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CMSimple - Default Administrator Credentials

source: https://www.securityfocus.com/bid/68961/info CMSimple is prone to multiple security vulnerabilities including: 1. Multiple arbitrary PHP code-execution vulnerabilities 2. A weak authentication security-bypass vulnerability 3. Multiple security vulnerabilities An attacker can exploit these...

Barracuda Firewall 6.1.2 #36 - Exception Vulnerability

Document Title: =============== Barracuda Firewall 6.1.2 36 - Exception Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1102 Barracuda Networks Security ID BNSEC: BNSEC-2398 https://www.barracuda.com/support/knowledgebase/501600000013m1P...

WordPress ActiveHelper LiveHelp Live Chat Plugin Cross Site Scripting Vulnerability

WordPress ActiveHelper LiveHelp Live Chat Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Omeka 2.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting

html...

Omeka 2.2 - CSRF And Stored XSS Vulnerability

Omeka version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities. !-- Omeka 2.2 CSRF And Stored XSS Vulnerability Vendor: Omeka Team CHNM GMU Product web page: http://www.omeka.org Affected version: 2.2 Summary: Omeka is a free, flexible, and open source...

WordPress Social Connect Plugin <= 1.0.4 XSS Vulnerability - Active Check

WordPress Social Connect Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress GarageSale plugin 'page' Parameter Cross Site Scripting Vulnerability

WordPress GarageSale Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Game-Tabs plugin 'n' Parameter Cross Site Scripting Vulnerability

WordPress Game-Tabs Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WeBid - Multiple Cross-Site Scripting LDAP Injection Vulnerabilities

WeBid - Multiple Cross-Site Scripting LDAP Injection Vulnerabilities source: https://www.securityfocus.com/bid/68519/info WeBid is prone to multiple cross-site-scripting vulnerabilities and an LDAP injection vulnerability. An attacker may leverage these issues to compromise the application, acces...

Microsoft Internet Explorer Extended Validation SSL Certificate Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass EV SSL certificate guidelines by using a wildcard certificate. This may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Au...

Yahoo! Bug Bounty #30 YM - Persistent Mail Vulnerability

Document Title: =============== Yahoo! Bug Bounty 30 YM - Persistent Mail Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1137 Release Date: ============= 2014-07-08 Vulnerability Laboratory ID VL-ID: ==================================== 11...

ownCloud Multiple Vulnerabilities-04 (Jul 2014)

ownCloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if description...

ownCloud Multiple Vulnerabilities-01 (Jul 2014)

ownCloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if description...

ownCloud Multiple Vulnerabilities-03 (Jul 2014)

ownCloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if description...

Toms Gästebuch 1.00 form.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/25507/info Toms Gästebuch is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

Whois.Cart 2.2.x Profile.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14044/info Whois.Cart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

ClipShare Pro 4.0 'fullscreen.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31898/info ClipShare Pro is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

Grayscale BandSite CMS 1.1 member_content.php the_band Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...