6665 matches found
Built2go News Manager 1.0 Blog rating.php nid Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22783/info Built2Go News Manager Blog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...
Microsoft Office 2003 Embedded Shockwave Flash Object Security Bypass Weakness
No description provided by source. source: http://www.securityfocus.com/bid/18583/info Microsoft Office is prone to a weakness that may allow remote attackers to execute arbitrary script code contained in Shockwave Flash Objects without first requiring confirmation from users. A successful attack...
ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12596/info ZeroBoard is reported prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may...
WordPress Trashbin Plugin 0.1 'mtb_undelete' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37097/info The Trashbin plugin for WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...
Private Message System 2.x index.php Page Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9308/info Private Message System is prone to a cross-site scripting vulnerability. This issue may be exploited by creating a malicious link to a site hosting the software with hostile HTML and script code embedded in URI...
ProjectBB 0.4.5 .1 - Multiple Remote Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12709/info ProjectBB is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. As a result of these...
Openfire <= 3.6.2 'group-summary.jsp' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32937/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser ...
Owl Intranet Engine 0.95 'register.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30410/info Owl Intranet Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...
WebCortex WebStores2000 Error.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9693/info It has been reported that WebStores2000 is prone to a cross-site scripting vulnerability. This issue is reportedly due to a failure to sanitize user input and so allow HTML and script code that may facilitate...
HitHost 1.0 viewuser.php hits Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17025/info HitHost is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Datecomm 1.1 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18502/info Datecomm is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
webMathematica 3 'MSP' Script Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37451/info webMathematica is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...
ColdFusion MX Missing Template Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5011/info ColdFusion MX is prone to cross site scripting attacks. Attacker-supplied script code may be included in a malicious missing template URI generated by the default Missing Template handler of ColdFusion. The...
Injader 2.1.1 SQL Injection and HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/32843/info Injader is prone to multiple HTML-injection vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage the HTML-injection issues t...
Lyrics Script 'search_results.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31437/info Lyrics Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser o...
Microsoft Site Server 3.0 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3999/info Microsoft Site Server is designed to run on Microsoft Windows NT Server platforms. It provides a means for users on a corporate intranet to share, publish, and find information. Site Server Commerce Edition...
VBulletin 1.0/1.1/2.0.x/2.2.x Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9649/info It has been reported that VBulletin is prone to a cross-site scripting vulnerability. This issue is reportedly due to a failure to sanitize user input and so allow HTML and script code that may facilitate...
Dating Gold 3.0.5 secure.admin.php int_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute an arbitrary...
CuteNews 0.88/1.3 example1.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/10620/info It is reported that CuteNews is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. The problems present...
E-Zone Media FuzeTalk 2.0 AddUser.CFM Administrator Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10276/info It has been reported that FuseTalk is affected by an administrator command execution vulnerability in the adduser.cfm script. This issue is due to a failure of the application to properly validate the origin of...