6665 matches found
CPanel 10.9.1 Resname Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25047/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...
PHP Advanced Transfer Manager 1.30 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/14887/info PHP Advanced Transfer Manager is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage a...
osCommerce 2.1/2.2 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/29055/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
timobraun Dynamic Galerie 1.0 galerie.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attack...
Online Contact Manager 3.0 index.php showGroup Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script...
phpMyAdmin 4.1.x < 4.1.14.1 / 4.2.x < 4.2.4 Navigation Hiding Items Multiple XSS (PMASA-2014-3)
According to its self-reported version number, the phpMyAdmin install hosted on the remote web server is 4.1.x prior to 4.1.14.1 or 4.2.x prior to 4.2.4. It is, therefore, affected by multiple cross-site scripting vulnerabilities. The flaws exist due to user input not being validated in a crafted...
Secunia CSI/VIM Cross Site Scripting
Document Title: =============== Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1272 Release Date: ============= 2014-06-18 Vulnerability Laboratory ID VL-ID:...
[CVE-2014-2577] XSS on Transform Foundation Server 4.3.1 and 5.2 from Bottomline Technologies
I. VULNERABILITY ------------------------- Reflected XSS Attacks vulnerabilities in Transform Foundation server 4.3.1 and 5.2 from Bottomline Technologies II. BACKGROUND ------------------------- Bottomline offers powerful, next-generation electronic document solutions for formatting, personalizi...
WordPress WP-Ecommerce with Bradesco Gateway 'falha.php' XSS Vulnerability
WordPress WP-Ecommerce with Bradesco Gateway Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
BarracudaDrive Multiple XSS Vulnerabilities -01 (Jun 2014)
BarracudaDrive is prone to multiple XSS vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite
High-Tech Bridge Security Research Lab discovered XSS vulnerability in Storesprite, which can be exploited to perform Cross-Site Scripting attacks. 1 Reflected Cross-Site Scripting XSS in Storesprite: CVE-2014-3737 The vulnerability exists due to insufficient sanitisation of user-supplied data in...
WordPress Flexolio Multiple Vulnerabilities (May 2014)
The WordPress Flexolio theme is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
ownCloud Multiple Cross-Site Scripting & Directory Traversal Vulnerabilities
ownCloud is prone to session fixation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if...
PrestaShop - getSimilarManufacturer.php?id_manufacturer SQL Injection
PrestaShop - getSimilarManufacturer.php?idmanufacturer SQL Injection source: https://www.securityfocus.com/bid/67249/info PrestaShop is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...
Symantec Messaging Gateway 10.x < 10.5.2 XSS Vulnerability
Symantec Messaging Gateway is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
BarracudaDrive 6.7.1 Cross Site Scripting Vulnerability
BarracudaDrive version 6.7.1 suffers from multiple persistent and reflective cross site scripting vulnerabilities Title : BarracudaDrive Multiple XSS Vulnerabilities Author : Shakeel Bhat SecPod Technologies Pvt. Ltd. http://www.secpod.com Vendor : http://barracudadrive.com Advisory :...
Symantec Messaging Gateway 10.5.1 Cross Site Scripting
I. VULNERABILITY ------------------------- Reflected XSS Attacks vulnerability in Symantec Messaging Gateway Version 10.5.1 II. BACKGROUND ------------------------- Symantec Corporation is an American computer security, backup and availability solutions software corporation headquartered in...
ClipBucket <= 2.6 Multiple Vulnerabilities - Active Check
ClipBucket is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oxygenz:clipbucket"; ifdescripti...
Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities - Linux
Adobe Reader is prone to cross site scripting and denial of service vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities - Windows
Adobe Reader is prone to cross site scripting and denial of service vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...