GNU Mailman 2.0.x Subscribe Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5298/info GNU Mailman is prone to a cross-site scripting vulnerability. Arbitrary HTML and script code are not sanitized from the URI parameters of mailing list subscribe scripts. An attacker may exploit this issue by...

Dick Copits PDEstore 1.8 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/15898/info Dick Copits PDEstore is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issu...

EWay 4 Default.APSX Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22528/info eWay is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser ...

ACS Blog 0.8/0.9/1.0/1.1 Name Field HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12921/info ACS Blog is affected by an HTML injection vulnerability. The issue affects the 'Name' field and may be exploited to execute arbitrary HTML and script code in the browser of the user when the user views an...

OOApp Guestbook 2.1 Home Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16091/info OOApp Guestbook is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...

TikiWiki 2.2/3.0 'tiki-galleries.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34105/info TikiWiki is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to...

Shop Kit Plus StyleCSS.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22697/info Shop Kit Plus is prone to a local file-include vulnerability because it fails to adequately sanitize user-supplied data. An attacker can exploit this vulnerability using directory-traversal strings to execute...

Clever Copy 2.0 Calendar.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14278/info A cross-site scripting vulnerability affects Clever Copy. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages. A...

WebChat 2.0 Users.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7779/info WebChat has been reported prone to a cross-site scripting vulnerability. WebChat does not adequately filter script code from URI parameters, making it prone to cross-site scripting attacks. Attacker-supplied...

PHP-Nuke 6.0 Web Mail Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6400/info A vulnerability has been discovered in the PHP-Nuke web mail module. Due to insufficient sanitization of HTML emails it is possible for an attacker to embed script code into malicious messages. Opening an email...

Jax PHP Scripts 1.0/1.34/2.14/3.31 guestbook File Client IP Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...

phpBugTracker 0.9 query.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10153/info Reportedly phpBugTracker contains multiple input validation vulnerabilities; it is prone to multiple SQL injection, cross-site scripting and HTML injection issues. These issues are all due to a failure of the...

PHPLive! 3.2.2 setup/footer.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24276/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

Benja CMS 0.1 /admin/admin_edit_topmenu.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/29884/info The 'benja CMS' program is prone to multiple vulnerabilities because it fails to adequately validate input and restrict access. These issues include three cross-site scripting issues, an arbitrary-file-upload...

QwikiWiki 1.4 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16874/info QwikiWiki is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scri...

AL-Caricatier 2.5 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17289/info AL-Caricatier is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

Grayscale BandSite CMS 1.1 pastshows_content.php the_band Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...

Zikula Application Framework 1.2.2 index.php func Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/39717/info Zikula Application Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code i...

Oracle Weblogic Server 10.3 'console-help.portal' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35673/info Oracle WebLogic Server is prone to a cross-site scripting vulnerability. An attacker with 'WLS Console Package' privileges can exploit this issue. The attacker may leverage this issue to execute arbitrary scrip...

W1L3D4 Philboard 0.3 W1L3D4_Aramasonuc.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25055/info W1L3D4 Philboard is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...