6665 matches found
Apache HTTPD mod_proxy_balancer Cross Site Scripting (CVE-2012-4558)
A cross site scripting vulnerability exists in Apache HTTP web server modproxybalancer. The vulnerability is due to a lack of input validation in the URI of the modproxybalancer manager interface. A remote attacker can exploit these vulnerabilities by enticing a user to follow a specially crafted...
Jaow CMS - add_ons Cross-Site Scripting
Jaow CMS - addons Cross-Site Scripting source: https://www.securityfocus.com/bid/58658/info Jaow CMS is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Jaow CMS - 'add_ons' Cross-Site Scripting
source: https://www.securityfocus.com/bid/58658/info Jaow CMS is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal...
Debian DSA-2651-1 : smokeping - XSS vulnerability
A cross-site scripting vulnerability was discovered in smokeping, a latency logging and graphing system. Input passed to the 'displaymode'parameter was not properly sanitized. An attacker could use this flaw to execute arbitrary HTML and script code in a user's browser session in the context of a...
Debian Security Advisory DSA 2651-1 (smokeping - cross-site scripting vulnerability)
A cross-site scripting vulnerability was discovered in smokeping, a latency logging and graphing system. Input passed to the displaymode parameter was not properly sanitized. An attacker could use this flaw to execute arbitrary HTML and script code in a user's browser session in the context of an...
PHP-Fusion forum/viewthread.php highlight Parameter XSS
The version of PHP-Fusion installed on the remote host is affected by a cross-site scripting vulnerability because it fails to properly sanitize user input to the 'highlight' parameter of the 'forum/viewthread.php' script. An unauthenticated, remote attacker may be able to leverage this to inject...
Petite Annonce - Cross-Site Scripting
Petite Annonce - Cross-Site Scripting source: https://www.securityfocus.com/bid/58508/info Petite Annonce is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Cisco Video Surveillance Operations Manager - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/58476/info Cisco Video Surveillance Operations Manager is prone to multiple security vulnerabilities, including: 1. Multiple local file-include vulnerabilities 2. A security-bypass vulnerability 3. Multiple cross-site scripting vulnerabilities An attacker...
Microsoft SharePoint CVE-2013-0083 Cross Site Scripting Vulnerability
Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft SharePoint Reflected List Parameter Cross-site Scripting (SA49875; CVE-2012-1863)
A cross-site scripting vulnerability has been discovered in Microsoft SharePoint. The vulnerability is due to insufficient sanitization of the List parameter. A remote attacker could trigger this flaw by enticing a user to follow a URL containing script code in the List parameter...
WordPress Plugin podPress - playerID Cross-Site Scripting
WordPress Plugin podPress - playerID Cross-Site Scripting source: https://www.securityfocus.com/bid/58421/info The podPress plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to...
Asteriskguru Queue Statistics Cross Site Scripting
============================================= INTERNET SECURITY AUDITORS ALERT 2013-002 - Original release date: January 22nd, 2013 - Last revised: March 10th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score ============================================= I...
Asteriskguru Queue Statistics - warning Cross-Site Scripting
Asteriskguru Queue Statistics - warning Cross-Site Scripting source: https://www.securityfocus.com/bid/58418/info Asteriskguru Queue Statistics is prone to an cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute...
Asteriskguru Queue Statistics - 'warning' Cross-Site Scripting
source: https://www.securityfocus.com/bid/58418/info Asteriskguru Queue Statistics is prone to an cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Your Own Classifieds - Cross-Site Scripting
Your Own Classifieds - Cross-Site Scripting source: https://www.securityfocus.com/bid/58399/info Your Own Classifieds is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
Matrix42 Service Store - default.aspx Cross-Site Scripting
Matrix42 Service Store - default.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/59290/info Matrix42 Service Store is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...
HP Intelligent Management Center - topoContent.jsf Cross-Site Scripting
HP Intelligent Management Center - topoContent.jsf Cross-Site Scripting source: https://www.securityfocus.com/bid/58293/info HP Intelligent Management Center is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
Adobe InDesign Server SOAP Request Lack of Authentication
Access control weakness vulnerability exists in Adobe InDesign Server.The vulnerability is due to a failure to restrict access to the SOAP interface.Successful exploitation could result in execution of arbitrary script code in the context of the service...
WordPress Plugin Uploader - blog Cross-Site Scripting
WordPress Plugin Uploader - blog Cross-Site Scripting source: https://www.securityfocus.com/bid/58285/info The Uploader Plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
Batavi - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/58151/info Batavi is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...