DCP-Portal 3.7/4.x/5.x/6.x calendar.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Symantec LiveUpdate Administrator Management GUI HTML Injection

No description provided by source. Source: http://www.securityfocus.com/bid/46856/info Symantec LiveUpdate Administrator is prone to an HTML-injection vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected application, potentiall...

Geeklog 1.3.7 Homepage User Field HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6604/info Geeklog is prone to HTML injection attacks. The user account 'Homepage' field is not sufficiently sanitized of HTML and script code. As a result, a malicious user may inject malicious HTML and script code into...

Pixelpost 1.4.3 User Comment HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16362/info Pixelpost is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

Advanced Guestbook 2.4.2 Picture.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23873/info Advanced Guestbook is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code i...

Educe ASP Search Engine 1.5.6 - 'search.asp' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30849/info ASP Search Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser ...

phpldapadmin 0.9.8 - template_engine.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute...

CubeCart 2.0.x Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12658/info CubeCart is affected by multiple cross-site scripting vulnerabilities; an upgrade is available. These issues exist because the application fails to properly sanitize user-supplied input. As a result of these...

ht://Dig 3.2 Htsearch Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26610/info ht://Dig is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows an attacker to execute arbitrary HTML or script code in a...

DCP-Portal 5.3.1 Calendar.php Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7144/info It has been reported that DCP-Portal does not sufficiently filter URI parameters supplied to the DCP-Portal 'calender' script. As a result of this deficiency, it is possible for a remote attacker to create a...

eNdonesia 8.2/8.3 Mod Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8506/info It has been reported that eNdonesia is prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a victim's browser. The issue reportedly exists in the...

NateOn Messenger 3.0 Arbitrary File Download And Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14974/info NateOn Messenger is susceptible to an arbitrary file download vulnerability, and a buffer overflow vulnerability. These issues are present in the 'NateonDownloadManager.ocx' ActiveX control that is installed wi...

phpBugTracker 0.9 bug.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10153/info Reportedly phpBugTracker contains multiple input validation vulnerabilities; it is prone to multiple SQL injection, cross-site scripting and HTML injection issues. These issues are all due to a failure of the...

Mambo Open Source 4.6.2 mambots/editors/mostlyce/ .. /php/connector.php Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/30708/info Mambo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser o...

PHP iCalendar 1.1/2.x search.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script cod...

PHP iCalendar 1.1/2.x month.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script cod...

Complete PHP Counter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15112/info Complete PHP Counter is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

AIOCP 1.3.x cp_links_search.php orderdir Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal...

Microsoft Internet Explorer 5 JavaScript Local File Enumeration Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/3779/info Microsoft Internet Explorer is prone to a vulnerability which may disclose sensitive information to a malicious webmaster. When script code includes a file outside of the document it is embedded in and the file...

Free FAQ 1.0 Index.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20621/info Free Faq is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script...