Key Focus Web Server 3.1 Index.WKF Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24623/info Key Focus Web Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

Plunet BusinessManager 4.1 pagesUTF8/Sys_DirAnzeige.jsp Pfad Parameter Direct Request Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/33153/info Plunet BusinessManager is prone to multiple security-bypass and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitra...

Ji-takz Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18474/info Ji-takz is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remote file...

Softbiz Classifieds Script Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32375/info Softbiz Classifieds Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in...

artmedic weblog artmedic_print.php date Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27745/info artmedic webdesign weblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...

Horde Multiple Product - workweek.php timestamp Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29365/info Horde Kronolith is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

PhpGedView 2.5/2.6 Login.PHP Newlanguage Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11905/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

PhpGedView 2.5/2.6 Calendar.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11907/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

PhpGedView 2.5/2.6 Gdbi_interface.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11894/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

Oracle 9 XML DB Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15034/info Oracle XML DB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

Online Contact Manager 3.0 index.php showGroup Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script...

Drupal 4.x URL-Encoded Input HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16117/info Drupal is prone to an HTML injection vulnerability when handling URL-encoded HTML and script code in message content. This issue is due to a failure in the application to properly sanitize user-supplied input...

PHP 4.x Transparent Session ID Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7761/info A cross-site scripting vulnerability has been discovered in PHP. The problem occurs due to insufficient sanitization of the PHPSESSID URI parameter. An attacker may be capable of exploiting this vulnerability by...

PHP-Nuke 6.x/7.0 'News' Module Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9605/info It has been reported that the PHP-Nuke module 'News' is prone to a cross-site scripting vulnerability. The issue arises due to the module failing to properly sanitize user-supplied information. This could allow...

Microsoft Content Management Server 2001 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5922/info Microsoft Content Management Server 2001 is reported to be prone to cross-site scripting attacks. An attacker could construct a malicious link to a vulnerable host that contains arbitrary HTML and script code. I...

Softbiz Image Gallery changepassword.php msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30546/info Softbiz Photo Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script co...

W-Agora 4.1.6 EditForm.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6464/info W-Agora is a freely available, open source PHP forum software package. It is available for Unix and Linux systems. A problem with W-Agora may make cross-site scripting attacks possible. It has been reported that...

Mensajeitor 1.8.9 IP Parameter HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14071/info Mensajeitor is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

JGS-Gallery 4.0 Board jgs_galerie_scroll.php userid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary scrip...

Foojan PHPWeblog Html Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14658/info Foojan PHPWeblog is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input. Attacker-supplied HTML and script code would be executed in the context of the...