openEngine Local File Include Vulnerability

openEngine is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...

Feindura CMS Groupware - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/44501/info Feindura CMS is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerabilities using...

Joomla! Component Projects 'com_projects' - SQL Injection / Local File Inclusion

source: https://www.securityfocus.com/bid/44456/info The 'comprojects' component for Joomla! is prone to an SQL-injection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise...

w-Agora 'search.php' Local File Include and Cross Site Scripting Vulnerabilities

w-Agora is prone to a local file-include vulnerability and a cross- site scripting vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...

Micro CMS Persistent XSS Vulnerability.

Micro CMS Persistent Cross-Site Scripting Vulnerability. SecPod Technologies www.secpod.com Author Veerendra G.G SecPod ID: 1004 09/03/2010 Issue Discovered 09/05/2010 Vendor Notified No Response from Vendor Class: Persistent Cross-Site Scripting Severity: High Overview: --------- Micro CMS is...

IBM Tivoli Access Manager for E-Business - '/ibm/wpm/webseal?method' Cross-Site Scripting

source: https://www.securityfocus.com/bid/44382/info IBM Tivoli Access Manager for e-business is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...

W-Agora 4.2.1 - 'search.php?bn' Cross-Site Scripting

source: https://www.securityfocus.com/bid/44370/info w-Agora is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal...

IBM Tivoli Access Manager for E-Business - ibmwpmwebseal?method Cross-Site Scripting

IBM Tivoli Access Manager for E-Business - ibmwpmwebseal?method Cross-Site Scripting source: https://www.securityfocus.com/bid/44382/info IBM Tivoli Access Manager for e-business is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. A...

W-Agora 4.2.1 - search.php3?bn Traversal Local File Inclusion

W-Agora 4.2.1 - search.php3?bn Traversal Local File Inclusion source: https://www.securityfocus.com/bid/44370/info w-Agora is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the...

IBM Tivoli Access Manager for E-Business - '/ibm/wpm/gsogroup?method' Cross-Site Scripting

source: https://www.securityfocus.com/bid/44382/info IBM Tivoli Access Manager for e-business is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...

IBM Tivoli Access Manager for E-Business - '/ibm/wpm/acl?method' Cross-Site Scripting

source: https://www.securityfocus.com/bid/44382/info IBM Tivoli Access Manager for e-business is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...

IBM Tivoli Access Manager for E-Business - ibmwpmrule?method Cross-Site Scripting

IBM Tivoli Access Manager for E-Business - ibmwpmrule?method Cross-Site Scripting source: https://www.securityfocus.com/bid/44382/info IBM Tivoli Access Manager for e-business is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...

IBM Tivoli Access Manager for E-Business - '/ibm/wpm/user?method' Cross-Site Scripting

source: https://www.securityfocus.com/bid/44382/info IBM Tivoli Access Manager for e-business is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...

IBM Tivoli Access Manager for E-Business - ibmwpmos?method Cross-Site Scripting

IBM Tivoli Access Manager for E-Business - ibmwpmos?method Cross-Site Scripting source: https://www.securityfocus.com/bid/44382/info IBM Tivoli Access Manager for e-business is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...

pecio CMS 2.0.5 - target Cross-Site Scripting

pecio CMS 2.0.5 - target Cross-Site Scripting source: https://www.securityfocus.com/bid/44304/info pecio cms is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/44169/info eXV2 CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities

eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/44169/info eXV2 CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

TWiki 5.0 - bin/login Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/44103/info TWiki is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

TWiki 5.0 - '/bin/view?rev' Cross-Site Scripting

source: https://www.securityfocus.com/bid/44103/info TWiki is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

MS10-072: Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)

The versions of SharePoint Services, SharePoint Server, Groove, or Office Web Apps installed on the remote host have multiple cross-site scripting vulnerabilities. A remote attacker could exploit them by tricking a user into making a malicious request, resulting in arbitrary script code execution...