openEngine 2.0 100226 - Local File Inclusion Cross-Site Scripting

openEngine 2.0 100226 - Local File Inclusion Cross-Site Scripting SecPod Technologies www.secpod.com Title : openEngine Local File Inclusion and XSS Vulnerabilities Vendor : http://www.openengine.de Advisory : http://secpod.org/blog/?p=152 http://secpod.org/advisories/SECPODOpenengineLFIXSSVuln.t...

OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/44843/info OpenWrt is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

PHPShop 2.1 EE - 'name_new' Cross-Site Scripting

source: https://www.securityfocus.com/bid/44763/info PHPShop is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary HTML and script code in the browser of an unsuspecting user in the...

Mahara < 1.3.3 XSS Vulnerability

Mahara is prone to a cross-site scripting XSS vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Microsoft Forefront Unified Access Gateway 'Signurl.asp' Cross-Site Scripting Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Mahara 'groupviews.tpl' Cross Site Scripting Vulnerability

Mahara is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker...

Microsoft Forefront Unified Access Gateway Mobile Portal Cross-Site Scripting Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Ricoh Web Image Monitor 2.03 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/44772/info Ricoh web image monitor is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...

WordPress Plugin FeedList 2.61.01 - handler_image.php Cross-Site Scripting

WordPress Plugin FeedList 2.61.01 - handlerimage.php Cross-Site Scripting source: https://www.securityfocus.com/bid/44704/info The FeedList Plugin for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage thi...

WordPress Plugin Vodpod Video Gallery 3.1.5 - &#039;vodpod_gallery_thumbs.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/44715/info The Vodpod Video Gallery Plugin for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

pfSense - pkg.php?xml Cross-Site Scripting

pfSense - pkg.php?xml Cross-Site Scripting source: https://www.securityfocus.com/bid/45272/info pfSense is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in th...

WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/44707/info WP Survey And Quiz Tool for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

WordPress Plugin FeedList 2.61.01 - &#039;handler_image.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/44704/info The FeedList Plugin for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

pfSense - pkg_edit.php?id Cross-Site Scripting

pfSense - pkgedit.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/45272/info pfSense is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in...

pfSense - &#039;status_graph.php?if&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/45272/info pfSense is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

pfSense 2 Beta 4 - &#039;graph.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/44738/info pfSense is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Microsoft Internet Explorer CSS Tags Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

Multiple Vulnerabilities in CLANSPHERE

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CLANSPHERE which could be exploited to perform cross-site scripting, script insertion and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in CLANSPHERE The vulnerability exists due to input...

WordPress Plugin cformsII 11.5/13.1 - &#039;lib_ajax.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/44587/info The cformsII plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

FrontAccounting Multiple Cross Site Scripting Vulnerabilities

FrontAccounting is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user- supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...