Indexu 5.0/5.3 login.php error_msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

Siteframe 2.2.4 search.php Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7140/info It has been reported that Siteframe does not sufficiently filter user supplied URI parameters on Siteframe pages. As a result of this deficiency, it is possible for a remote attacker to create a malicious link...

PowerPortal 1.1/1.3 Private Message HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10835/info A vulnerability is reported for PowerPortal which may make it prone to HTML injection attacks. The problem is said to occur due to a lack of sufficient sanitization performed on private message data...

Sun Java System Communications Express 6.3 'search.xml' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34154/info Sun Java System Communications Express is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary...

Simple PHP Blog 0.4 colors.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...

SysHotel On Line System 'index.php' Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27184/info SysHotel On Line System is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to...

Joomla! 'com_tienda' Component 'categoria' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37798/info The Joomla! 'comartistavenue' component is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...

Active Calendar 1.2 data/y_3.php css Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

Istgah For Centerhost 'view_ad.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39330/info Istgah for Centerhost is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Claroline 1.8 tracking/toolaccess_details.php toolId Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30346/info Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

Meeting Room Booking System (MRBS) 1.2.6 search.php area Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30531/info MRBS Meeting Room Booking Software is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

@lex Guestbook 5.0 Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37706/info @lex Guestbook is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in t...

e107 website system 0.7.5 search.php Query String (PATH_INFO) Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the...

Invision Power Board 3.0 Multiple HTML-Injection and Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/34725/info Invision Power Board is prone to an information-disclosure issue and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

Toast Forums 1.6 Toast.ASP Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17249/info Toast Forums is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to ha...

Docebo CMS 3.0.x index.php searchkey Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22719/info Docebo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...

CuteNews 1.4.6 editnews Module doeditnews Action Admin Moderation Bypass

No description provided by source. source: http://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that...

MoinMoin 1.5.8/1.9 Cross-Site Scripting and Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/32208/info MoinMoin is prone to cross-site scripting and information-disclosure vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...

PaperThin CommonSpot Content Server 4.5 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16071/info PaperThin CommonSpot Content Server is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

Active Auction House WatchThisItem.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13039/info Active Auction House is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this iss...