IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting

source: https://www.securityfocus.com/bid/46481/info IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...

IBM Lotus Sametime Server 'stconf.nsf' Cross Site Scripting Vulnerability

IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

Vanilla Forums 2.0.17.x - 'p' Cross-Site Scripting

source: https://www.securityfocus.com/bid/46486/info Vanilla Forums is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

IBM Lotus Sametime - stconf.nsf Cross-Site Scripting

source: https://www.securityfocus.com/bid/46471/info IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...

phpBugTracker 1.0.5 Multiple Reflected XSS Vulnerabilities

Summary phpBugTracker is a web-based bug tracker with functionality similar to other issue tracking systems, such as Bugzilla. Design focuses on separating the presentation, application, and database layers. phpBugTracker is lightweight and easy to install, operate and administer. Most text can b...

Eclipse IDE < 3.6.2 Help Contents Multiple XSS Vulnerabilities

Eclipse IDE is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross-site Request Forgery (CSRF) Vulnerabilities in Pragyan CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pragyan CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in Pragyan CMS 1.1 The vulnerability exists due to insufficient validation of...

Multiple Vulnerabilities in xtcModified

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in xtcModified which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in xtcModified 1.1 The vulnerability exists due to input...

HP Power Manager Cross Site Request Forgery (CSRF) and XSS Vulnerability

This host is running HP Power Manager and is prone to cross site request forgery and cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbhppowermanagercsrfvuln.nasl 7006 2017-08-25 11:51:20Z teissa $ HP Power Manager Cross Site Request Forgery CSRF and XSS Vulnerability Authors:...

Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities

Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/46385/info Photopad is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrar...

Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/46385/info Photopad is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

MG2 0.5.1 Cross Site Scripting

MG2 0.5.1 Multiple XSS Vulnerabilities Vendor: MiniGal Product web page: http://www.minigal.dk Affected version: 0.5.1 Summary: MG2 is the sequel to the popular image gallery script MiniGal. One of the highlights of MG2 is, that it supports PHP running in safe mode which is unsupported by almost...

Dokeos 1.8.6 2 - style Cross-Site Scripting

Dokeos 1.8.6 2 - style Cross-Site Scripting source: https://www.securityfocus.com/bid/46370/info Dokeos is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...

Dokeos 1.8.6 2 - &#039;style&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/46370/info Dokeos is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Apache Continuum Cross Site Scripting Vulnerability

Apache Continuum is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker...

ManageEngine ADSelfService Plus 4.4 - &#039;EmployeeSearch.cc&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/46331/info ManageEngine ADSelfService Plus is prone to multiple vulnerabilities, including multiple security-bypass and cross-site scripting vulnerabilities. Attackers can exploit these issues to bypass certain security restrictions and to execute arbitra...

PHPXref 0.7 - nav.html Cross-Site Scripting

PHPXref 0.7 - nav.html Cross-Site Scripting source: https://www.securityfocus.com/bid/46302/info PHPXref is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code ...

CVE-2011-0924

The client in HP Data Protector does not verify the contents of files associated with the EXECCMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omnichkds.sh...

N-13 News Cross-Site Request Forgery Vulnerability

This host is running N-13 News and is prone to Cross-Site Request Forgery vulnerability. OpenVAS Vulnerability Test $Id: gbn13newscsrfvuln.nasl 7015 2017-08-28 11:51:24Z teissa $ N-13 News Cross-Site Request Forgery Vulnerability Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks...

UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities

UMI CMS 2.8.1.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/46280/info UMI CMS is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...