MTP Guestbook 1.0 - Multiple XSS Vulnerabilities

Exploit for php platform in category web applications MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / form method="POST" action="http://localhost/mtpguestbook/inse...

AbanteCart Multiple Cross-Site Scripting Vulnerabilities

AbanteCart is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MTP Image Gallery 1.0 - 'edit_photos.php?title' Cross-Site Scripting

MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability alert1;' / input type="hidden" name="rat...

JForum - jforum.page Multiple Cross-Site Scripting Vulnerabilities

JForum - jforum.page Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/58164/info JForum is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

JForum - 'jforum.page' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/58164/info JForum is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities

MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / input type="hidden" name="ins...

CKEditor < 4.0.1.1 Multiple Vulnerabilities

CKEditor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ckeditor:ckeditor"; ifdescription...

MTP Image Gallery 1.0 - edit_photos.php?title Cross-Site Scripting

MTP Image Gallery 1.0 - editphotos.php?title Cross-Site Scripting MTP Image Gallery 1.0 title Remote Script Insertion Vulnerability alert1;' / input typ...

phpMyRecipes - Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/58160/info phpMyRecipes is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code could be executed in the context of the affected site, potentially allowing the...

Bugzilla show_bug.cgi id Parameter XSS

The version of Bugzilla installed on the remote host is affected by a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'id' parameter of the 'showbug.cgi' script. An attacker may be able to leverage this to inject arbitrary HTML and script code...

File Manager - HTML Injection / Local File Inclusion

source: https://www.securityfocus.com/bid/58313/info File Manager is prone to an HTML-injection vulnerability and a local file-include vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, steal cookie-based...

Skype Community Cross Site Scripting

Title: ====== Skype Community - Mail Encoding Web Vulnerability Date: ===== 2013-02-21 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=800 MSRC ID: 13493 VL-ID: ===== 800 Common Vulnerability Scoring System: ==================================== 3.5 Introduction:...

glFusion 1.2.2 - Multiple XSS Vulnerabilities

Exploit for php platform in category web applications High-Tech Bridge Security Research Lab discovered multiple XSS vulnerabilities in glFusion, which can be exploited to perform Cross-Site Scripting attacks. glFusion has a "badbehaviour" plugin installed by default that verifies HTTP Referer,...

glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities

Advisory ID: HTB23142 Product: glFusion Vendor: http://www.glfusion.org/ Vulnerable Versions: 1.2.2 and probably prior Tested Version: 1.2.2 Vendor Notification: January 30, 2013 Vendor Patch: January 30, 2013 Public Disclosure: February 20, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CV...

PHPmyGallery 1.5 - Local File Disclosure Cross-Site Scripting

PHPmyGallery 1.5 - Local File Disclosure Cross-Site Scripting source: https://www.securityfocus.com/bid/58081/info PHPmyGallery is prone to multiple cross-site scripting vulnerabilities and a local file-disclosure vulnerability because it fails to sanitize user-supplied input. An attacker may...

OpenEMR 4.1.1 Cross Site Scripting Vulnerability

OpenEMR version 4.1.1 suffers from a cross site scripting vulnerability. OpenEMR 4.1.1 site param Remote XSS Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical practice...

WordPress Plugin Pretty Link - Cross-Site Scripting

source: https://www.securityfocus.com/bid/58072/info The Pretty Link plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Nagios XI Alert Cloud Cross-Site Scripting

A reflected cross-site scripting vulnerability has been reported in Nagios XI. The vulnerability is due to insufficient sanitization of HTTP GET requests sent to index.php. An attacker entices a user to click on a URL containing malicious script code in the parameters. The vulnerability is...

Squirrelcart - table Cross-Site Scripting

Squirrelcart - table Cross-Site Scripting source: https://www.securityfocus.com/bid/58025/info Squirrelcart is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Squirrelcart - &#039;table&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/58025/info Squirrelcart is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...