6665 matches found
Apache 2.2.2 CGI Script Source Code Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19447/info Apache is prone to an information-disclosure vulnerability because it fails to properly handle exceptional conditions. An attacker can exploit this issue to retrieve script source code. Information obtained may...
Sage 1.3.6 Input Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19928/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code...
Opera 5.0/5.1 Same Origin Policy Circumvention Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3553/info Opera is a popular, freely available web browser that is supported across many different platforms. Opera is prone to an issue which may allow for the execution of script code across domains, allowing for...
LoudBlog 0.41 index.php template Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote...
Softbiz Image Gallery image_desc.php latest Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30546/info Softbiz Photo Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script co...
PostNuke Phoenix 0.760 RC3 OP Parameter Remote Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13075/info A remote cross-site scripting vulnerability affects PostNuke. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web conten...
e107 Website System 0.5/0.6 Log.PHP HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10395/info It is reported that e107 website system is prone to a remote HTML injection vulnerability. This issue is due to a failure by the application to properly sanitize user-supplied input. The problem presents itself...
My Blog 1.63 BBCode HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16659/info My Blog is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplie...
osCommerce 2.2 admin/zones.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
Claroline 1.8.9 announcements/announcements.php URL XSS
No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...
HotPlug CMS 1.0 Login1.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18454/info HotPlug CMS is prone to a cross-site scripting attack. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary HTML an...
JShop E-Commerce Suite 3.0 - Page.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11003/info Reportedly the JShop E-Commerce Suite is affected by a cross-site scripting vulnerability in the 'page.php' script. This issue is due to a failure of the application to properly santitize user-supplied input. A...
PG MatchMaking browse_men.php show Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/35808/info PG Matchmaking is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in t...
MyBloggie 2.1.2/2.1.3 BBCode IMG Tag HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17865/info MyBloggie is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
Simple Machines Forum <= 1.1.7 '[url]' Tag HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33595/info Simple Machines Forum is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML...
DotNetNuke <= 4.0 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20117/info DotNetNuke is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
WebEvent <= 4.03 Webevent.CGI Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25148/info WebEvent is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Indexu 5.0/5.3 user_detail.php u Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...
Grayscale BandSite CMS 1.1 shows_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Sabros.US 1.7 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22115/info The 'sabros.us' application is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute ...