PHP F1 Maxs Photo Album - showimage.php Cross-Site Scripting

PHP F1 Maxs Photo Album - showimage.php Cross-Site Scripting source: https://www.securityfocus.com/bid/47582/info PHP F1 Max's Photo Album is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...

WordPress Plugin WP Ajax Recent Posts 1.0.1 - 'do' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47579/info The WP Ajax Recent Posts WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

phpList 2.10.x - 'email' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47580/info PHPList is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

WordPress Plugin WP Ajax Recent Posts 1.0.1 - do Cross-Site Scripting

WordPress Plugin WP Ajax Recent Posts 1.0.1 - do Cross-Site Scripting source: https://www.securityfocus.com/bid/47579/info The WP Ajax Recent Posts WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage...

html-edit CMS 3.1.x - 'html_output' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47576/info html-edit CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Dolibarr ERPCRM 3.0 - Local File Inclusion Cross-Site Scripting

Dolibarr ERPCRM 3.0 - Local File Inclusion Cross-Site Scripting source: https://www.securityfocus.com/bid/47542/info Dolibarr is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit...

Cross-site Scripting (XSS) Vulnerability in AJAX Calendar

High-Tech Bridge SA Security Research Lab has discovered vulnerability in AJAX Calendar which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in AJAX Calendar The vulnerability exists due to input sanitation error in the "y" parameter in...

docuFORM Mercury WebApp 6.16a/5.20 Multiple XSS Vulnerabilities

Exploit for php platform in category web applications docuFORM Mercury WebApp 6.16a Multiple Cross-Site Scripting Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; alert1" / input type="hidd...

Automagick Tube Script 1.4.4 - 'module' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47519/info Automagick Tube Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

webSPELL 4.2.2a - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/47500/info webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Dalbum 1.43 - 'editini.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47427/info Dalbum is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - jdeMafletClose.mafService?RENDER_MAFLET Cross-Site Scripting

Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - jdeMafletClose.mafService?RENDERMAFLET Cross-Site Scripting source: https://www.securityfocus.com/bid/47479/info Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these...

Dalbum 1.43 - editini.php Cross-Site Scripting

Dalbum 1.43 - editini.php Cross-Site Scripting source: https://www.securityfocus.com/bid/47427/info Dalbum is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

Cross-site Scripting (XSS) Vulnerability in (e)2 interactive Photo Gallery

High-Tech Bridge SA Security Research Lab has discovered vulnerability in e2 interactive Photo Gallery which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in e2 interactive Photo Gallery The vulnerability exists due to input sanitation error ...

Oracle JD Edwards EnterpriseOne 8.9x Tools Web Runtime SEC - '/jde/E1Menu_OCL.mafService?e1.namespace' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47479/info Oracle JD Edwards EnterpriseOne is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This m...

webSPELL 4.2.2a - Multiple Cross-Site Scripting Vulnerabilities

webSPELL 4.2.2a - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/47500/info webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

ChatLakTurk PHP Botlu Video - 'ara.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47428/info ChatLakTurk PHP Botlu Video is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...

ChillyCMS 1.2.1 - Multiple Remote File Inclusions

ChillyCMS 1.2.1 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/47395/info chillyCMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker...

Technicolor THOMSON TG585v7 Wireless Router - url Cross-Site Scripting

Technicolor THOMSON TG585v7 Wireless Router - url Cross-Site Scripting source: https://www.securityfocus.com/bid/47390/info Technicolor THOMSON TG585v7 Wireless Router is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. Attacker...

MediaWiki API XSS

A cross-site scripting vulnerability exists in this installation of MediaWiki that allows an attacker to execute arbitrary script code in the browser of an unsuspecting user. Such script code could steal authentication credentials and be used to launch other attacks. %NASLMINLEVEL 70300 C Tenable...