Citrix NFuse 1.51/1.6 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4372/info Citrix NFuse is an application portal server meant to provide the functionality of any application on the server via a web browser. NFuse works in conjunction with a previously-installed webserver. NFuse is said...

phpMyForum 4.0 index.php type Variable CRLF Injection

No description provided by source. source: http://www.securityfocus.com/bid/17420/info phpMyForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

Azerbaijan Development Group AzDGDatingPlatinum 1.1 .0 view.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13082/info AzDGDatingPlatinum is reported prone to multiple vulnerabilities. The following specific issues were identified: - Multiple SQL-injection vulnerabilities. These issues could permit remote attackers to pass...

BizDesign ImageFolio 2.x/3.0.1 imageFolio.cgi direct Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/6265/info Reportedly, ImageFolio is prone to cross site scripting attacks due to insufficient sanitization of user-supplied input. The vulnerability exists in various cgi scripts included with ImageFolio. As a result, it ...

Ikonboard 2.17/3.0/3.1 Image Tag Cross-Agent Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4182/info Ikonboard is a Web Bulletin Board Service BBS software package written in Perl which runs on Unix and Linux variants. Ikonboard allows users to include images in forum messages using image tags, with the followi...

ezUpload 2.2 customize.php path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...

Phpclanwebsite 1.23.1 BBCode IMG Tag Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16300/info Phpclanwebsite is prone to a script-injection vulnerability. An attacker can nest BBCode IMG tags to trigger this issue and execute arbitrary code in a user's browser. Attacker-supplied HTML and script code wou...

RunCMS 1.x Bigshow.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16970/info RunCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. An...

427BB 2.x Multiple Remote HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12693/info 427BB is reportedly affected by multiple remote HTML injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in dynamically generated...

Calendarix 0.7 YearCal.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17562/info Calendarix is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...

FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16073/info FatWire UpdateEngine is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context...

Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability

No description provided by source. Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number: 6.00.3.201111300...

Microsoft Internet Explorer 5.0.1 JavaScript Method Assignment Cross-Domain Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10689/info A vulnerability exists in Microsoft Internet Explorer that may allow cross-domain/cross-zone scripting. It is reported that the vulnerability presents itself due to a failure to properly validate trust...

MagicScripts E-Store Kit-2 PayPal Edition Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12909/info MagicScripts E-Store Kit-2 PayPal Edition is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. Thi...

Aruba MC-800 Mobility Controller Screens Directory HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26465/info Aruba MC-800 Mobility Controller is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML and...

Microsoft Internet Explorer 5 Classic Mode FTP Client Cross Domain Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7810/info The Microsoft Internet Explorer FTP indexing implementation could allow script code to be executed in the security zone of another FTP site. This vulnerability only exists when Internet Explorer FTP is used in...

TikiWiki 1.9 Tiki-view_forum_thread.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15371/info TikiWiki is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scrip...

phpAdultSite CMS 'results_per_page' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31057/info phpAdultSite is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of...

D-Forum 1.11 Nav.PHP3 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12720/info D-Forum is reportedly affected by a cross-site scripting vulnerability. This issue is due to the application failing to properly sanitize user-supplied input. As a result of this vulnerability, it is possible f...

Yogurt Social Network 3.2 rc1 Module for XOOPS index.php uid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30618/info Yogurt Social Network is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...