LinPHA 1.3.2/1.3.3 new_images.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/34500/info LinPHA is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Attackers can leverage these issues to execute arbitrary script code in the...

HAMweather 3.9.8 Template.PHP Script Code Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20311/info HAMweather is prone to a script-code-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...

Indexu 5.0/5.3 suggest_category.php error_msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

Ekinboard 1.0.3 Profile.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15447/info Ekinboard is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scri...

Microsoft Internet Explorer 5 Document Reference Zone Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5841/info A vulnerability has been reported in Microsoft Internet Explorer that may allow for remote attackers to execute script code in the context of other domains/security Zones. The cause appears to be a lack of acces...

contentserver 5.6.2929 errors/transaction.asp msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24895/info activeWeb contentserver is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitra...

Cofax 2.0 Search.HTM Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15940/info Cofax is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

PostNuke Phoenix 0.726 openwindow.php hlpfile Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10191/info Multiple vulnerabilities were reported to exist in PostNuke Phoenix. The following specific vulnerabilities were reported: - Multiple path disclosure vulnerabilities that occur when a user directly requests...

Divine Content Server 5.0 Error Page Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8763/info It has been reported that Divine Content Server is prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the 'pagename' attribute in the err...

xt:Commerce 3.04 XTCsid Parameter Session Fixation

No description provided by source. source: http://www.securityfocus.com/bid/31313/info xt:Commerce is prone to multiple vulnerabilities, including a session-fixation vulnerability and a cross-site scripting vulnerability. An attacker can leverage the session-fixation issue to hijack a session of ...

212cafeBoard Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/22167/info 212cafeBoard is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

evalSMSI 2.1.3 Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/38116/info evalSMSI is prone to multiple vulnerabilities, including an authentication-bypass issue, an SQL-Injection issue, and an HTML-Injection issue. Attackers can exploit these issues to gain administrative access to...

IDevSpot BizDirectory 2.04 - 'page' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30980/info IDevSpot BizDirectory is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

GeeCarts - search.php id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28470/info GeeCarts is prone to multiple input-validation vulnerabilities, including remote file-include and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issu...

Google Mini Search Appliance 3.4.14 IE Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25894/info Google Mini Search Appliance is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

LightBlog <= 5 Add_Comment.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24741/info LightBlog is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Indexu 5.0/5.3 power_search.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

Packeteer PacketShaper and PolicyCenter 8.2.2 - 'FILELIST' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27982/info Packeteer PacketShaper and PolicyCenter are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute...

miniBB 2.2 - 'bb_admin.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28957/info miniBB is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Social Web CMS 2 'index.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38329/info Social Web CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...