GlassFish Application Server resourceNode/jdbcConnectionPoolNew1.jsf Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29751/info Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in th...

cPanel <= 9.1 User Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13996/info It is reported that cPanel is prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to insufficient...

CMS Made Simple 1.0.2 SearchInput Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21527/info CMS Made Simple is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute...

68 Classifieds 4.1 toplistings.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/36208/info '68 Classifieds' is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in th...

4CMS SQL Injection and Local File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/34355/info 4CMS is prone to multiple SQL-injection vulnerabilities and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting the SQL-injection issues could allow an...

Savant Web Server 3.1 CGITest.HTML Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8242/info cgitest.html has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on data supplied to the cgitest.html script. This issue could be exploite...

SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17770/info SunShop Shopping Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these...

Evenzia Content Management Systems (CMS) cross-site script vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24270/info Evenzia CMS is prone to a cross-site script vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Horde <= 3.3.5 Administration Interface admin/sqlshell.php PATH_INFO Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/37351/info Horde Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser...

DieselScripts Diesel Paid Mail Getad.PHP

漏洞类型： 输入验证错误 漏洞文件： Getad.PHP 漏洞危害： 攻击者利用该漏洞可以获取用户cookie，从而执行其他攻击行为 解决方案： 厂商没有补丁，推荐使用加速乐: source: http://www.securityfocus.com/bid/19646/info Paid Mail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

Webfroot Shoutbox 2.32 Viewshoutbox.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9289/info Webfroot Shoutbox is prone to a cross-site scripting vulnerability in the 'viewshoutbox.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via UR...

Jeebles Directory 2.9.60 - Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/28221/info Jeebles Directory is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...

IBM Lotus Domino 6.x Cross-Site Scripting and HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11458/info It is reported that Lotus Domino is susceptible to a cross-site scripting and an HTML injection vulnerability. These issues are due to a failure of the application to properly sanitize user-supplied input. The...

pL-PHP 0.9 'index.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37593/info pL-PHP is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...

Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21620/info Omniture SiteCatalyst is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...

Blog Torrent 0.80 BTDownload.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11839/info It is reported that Blog Torrent is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a...

CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16376/info CheesyBlog is prone to multiple HTML injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied...

WikiNi 0.4.x Waka.PHP Multiple HTML-Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20688/info WikiNi is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. An attacker may leverage these...

ECTOOLS Onlineshop 1.0 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15891/info ECTOOLS Onlineshop is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

Basic CMS 'q' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32531/info Basic CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...