Singapore 0.9.9b Beta - Image Gallery Remote File Inclusion / Cross-Site Scripting

source: https://www.securityfocus.com/bid/65420/info Singapore Image Gallery is prone to a remote file-include vulnerability and a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain...

Singapore 0.9.9b Beta - Image Gallery Remote File Inclusion Cross-Site Scripting

Singapore 0.9.9b Beta - Image Gallery Remote File Inclusion Cross-Site Scripting source: https://www.securityfocus.com/bid/65420/info Singapore Image Gallery is prone to a remote file-include vulnerability and a cross-site scripting vulnerability because the application fails to properly sanitize...

NCH Software Inventoria 3.45 Cross Site Scripting

NCH Software Inventoria 3.45 id param Reflected Cross-Site Scripting Vulnerability Vendor: NCH Software Product web page: http://www.nchsoftware.com Affected version: 3.45 Summary: Inventoria is a business inventory management and stock control software that allows you to manage and monitor your...

Two Cross-Site Scripting (XSS) Vulnerabilities in Seo Panel

High-Tech Bridge Security Research Lab discovered two vulnerabilities in Seo Panel, which can be exploited to perform Cross-Site Scripting XSS attacks agains users of the vulnerable application to steal their sensitive data. 1 Two Cross-Site Scripting XSS in Seo Panel: CVE-2014-1855 1.1 The...

WordPress Seo Link Rotator 'title' Parameter Cross Site Scripting Vulnerability

WordPress Seo Link Rotator Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Maian Uploader 4.0 - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/65137/info Maian Uploader is prone to multiple security vulnerabilities, including: 1. An SQL-injection vulnerability 2. Multiple cross-site scripting vulnerabilities Attackers can exploit these issues to access or modify data, exploit latent...

Allegro RomPager < 4.51 HTTP Referer Header XSS Vulnerability

Allegro RomPager is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

XAMPP Control Panel XSS Vulnerability (Jan 2014) - Active Check

XAMPP is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apachefriends:xampp";...

Web Video Streamer - Multiple Vulnerabilities

Web Video Streamer - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/65350/info Web Video Streamer is prone to following multiple security vulnerabilities: 1. Multiple cross-site scripting vulnerabilities 2. A directory-traversal vulnerability 3. A command-injection vulnerabili...

AOL File Inclusion / Cross Site Scripting

AOL File Inclusion / Cross Site ScrIpting Time-Line vulnerability ------------------------ -Multiples Security Advisories -Not Response -Not FeedBack -Not Fixed -Another Security Advisory & another.. -Not Response-Not FeedBack -Full Disclosure I. VULNERABILITY ------------------------- Title: AOL...

BloofoxCMS 0.5.0 - fileurl Local File Inclusion

BloofoxCMS 0.5.0 - fileurl Local File Inclusion source: https://www.securityfocus.com/bid/65019/info bloofoxCMS is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple cross-site request forgery vulnerabilities 3. A local file-include vulnerabilit...

BloofoxCMS - bloofoxindex.php?Username SQL Injection

BloofoxCMS - bloofoxindex.php?Username SQL Injection source: https://www.securityfocus.com/bid/65019/info bloofoxCMS is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple cross-site request forgery vulnerabilities 3. A local file-include...

phpMyRecipes Multiple Vulnerabilities

phpMyRecipes is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross-Site Scripting (XSS) in Komento Joomla Extension

High-Tech Bridge Security Research Lab discovered two XSS vulnerabilities in Komento Joomla Extension, which can be exploited to perform script insertion attacks. 1 Cross-Site Scripting XSS in Komento Joomla Extension: CVE-2014-0793 1.1 The vulnerability exists due to insufficient sanitisation of...

TYPO3 Felogin System Extension Cross Site Scripting Vulnerability

TYPO3 is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3";...

AFCommerce - adblock.php Remote File Inclusion

AFCommerce - adblock.php Remote File Inclusion source: https://www.securityfocus.com/bid/64541/info AFCommerce is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentiall...

AFCommerce - &#039;controlheader.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/64541/info AFCommerce is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary...

AFCommerce - &#039;adblock.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/64541/info AFCommerce is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary...

AFCommerce - &#039;adminpassword.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/64541/info AFCommerce is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary...

RockMongo Cross Site Scripting and Directory Traversal Vulnerabilities

Rockmongo is prone to cross-site scripting XSS and directory traversal vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...