Open Handset Alliance Android 2.3.43.1 - Browser Sandbox Security Bypass

Open Handset Alliance Android 2.3.43.1 - Browser Sandbox Security Bypass source: https://www.securityfocus.com/bid/48954/info Open Handset Alliance Android is prone to a vulnerability that may allow a bypass of the browser sandbox. Successful exploits will allow attackers to execute arbitrary...

Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities

This host is running Andy's PHP Knowledgebase and is prone to multiple cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbaphpkbmultxssvuln.nasl 5840 2017-04-03 12:02:24Z cfi $ Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities Authors: Sooraj KS Copyright...

Chyrp 2.x - '/includes/lib/gz.php?File' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal vulnerability. An attacker may leverage these issues to execute arbitrary...

Chyrp 2.x - 'action' Traversal Local File Inclusion

source: https://www.securityfocus.com/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal vulnerability. An attacker may leverage these issues to execute arbitrary...

GBook PHP Guestbook 1.7 Cross Site Scripting

Vulnerability ID: HTB23028 Reference: http://www.htbridge.ch/advisory/multiplexssingbookphpguestbook.html Product: GBook PHP guestbook Vendor: PHPJunkyar http://www.phpjunkyard.com Vulnerable Version: 1.7 and probably prior Tested on: 1.7 Vendor Notification: 06 July 2011 Vulnerability Type: XSS...

Musicbox SQL Injection and Cross Site Scripting Vulnerabilities

Musicbox is prone to SQL injection and cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Joomla! CMS Multiple Cross Site Scripting Vulnerabilities - July 2011

This host is running Joomla and is prone to multiple cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: secpodjoomlamultxssvulnjul11.nasl 5840 2017-04-03 12:02:24Z cfi $ Joomla! CMS Multiple Cross Site Scripting Vulnerabilities - July 2011 Authors: Sooraj KS Copyright: Copyrigh...

Joomla! CMS Multiple XSS Vulnerabilities (Jul 2011)

Joomla is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Cross-site Scripting (XSS) Vulnerability in Fast Secure Contact Form

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Fast Secure Contact Form wordpress plugin, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Fast Secure Contact Form WordPress Plugin Input appended to the URL afte...

PHPJunkYard GBook 1.6/1.7 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/48905/info PHPJunkYard GBook is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

Joomla! "searchword" Cross-Site Scripting Vulnerability

No description provided by source. Aung Khant has discovered a vulnerability in Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "searchword" POST parameter to index.php when "option" is set to "comsearch" and "task" is set to...

Joomla! 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities

Joomla! 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/48805/info Joomla! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrar...

Tiki Wiki CMS Groupware 7.2 - snarf_ajax.php Cross-Site Scripting

Tiki Wiki CMS Groupware 7.2 - snarfajax.php Cross-Site Scripting source: https://www.securityfocus.com/bid/48806/info Tiki Wiki CMS Groupware is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execu...

XSS in Tiki Wiki CMS Groupware

No description provided by source. Vendor: info.tiki.org http://info.tiki.org Vulnerable Version: 7.0 and probably prior Tested on: 7.0 High-Tech Bridge SA Security Research Lab has discovered vulnerability in Tiki Wiki CMS Groupware, which can be exploited to perform cross-site scripting attacks...

Iskratel SI2000 Callisto 821+ - Cross-Site Request Forgery HTML Injection

Iskratel SI2000 Callisto 821+ - Cross-Site Request Forgery HTML Injection source: https://www.securityfocus.com/bid/48711/info The Iskratel SI2000 Callisto 821+ is prone to a cross-site request-forgery vulnerability and multiple HTML-injection vulnerabilities. An attacker can exploit the cross-si...

PG eLms Pro vDEC_2007_01 - 'contact_us.php' Multiple POST Cross-Site Scripting Vulnerabilities

PG eLMS Pro vDEC200701 contactus.php Multiple POST XSS Vulnerabilities function xss1document...

Chyrp 2.x - includesJavaScript.php?action Cross-Site Scripting

Chyrp 2.x - includesJavaScript.php?action Cross-Site Scripting source: https://www.securityfocus.com/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal vulnerability...

Ruby on Rails 'Safe Buffer' XSS Vulnerability (Jun 2011)

Ruby on Rails is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Flowplayer 3.2.7 - 'linkUrl' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48651/info Flowplayer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

Cybozu Products Mail System Images Cross-Site Scripting Vulnerability

This host is running Cybozu Office, Cybozu Garoon, Cybozu Dezie or Cybozu MailWise and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodcybozuproductsmailsystemxssvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ Cybozu Products Mail System Images Cross-Site...