AChecker 1.0 - URI Cross-Site Scripting
source: https://www.securityfocus.com/bid/43240/info AChecker is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...
Mailman -- cross-site scripting in web interface
Secunia reports: Two vulnerabilities have been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed via the list descriptions is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary...
Datetopia Buy Dating Site - Cross-Site Scripting
source: https://www.securityfocus.com/bid/42973/info Datetopia Buy Dating Site is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
Datetopia Buy Dating Site - Cross-Site Scripting
source: https://www.securityfocus.com/bid/42973/info Datetopia Buy Dating Site is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...
SmarterTools SmarterStats 5.3.3819 - frmHelp.aspx Cross-Site Scripting
source: https://www.securityfocus.com/bid/43110/info SmarterTools SmarterStats is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...
phpMyAdmin setup.php Verbose Server Name XSS (PMASA-2010-7)
The setup script included with the version of phpMyAdmin installed on the remote host does not properly sanitize user-supplied input to the 'verbose server name' field. A remote attacker could exploit this by tricking a user into executing arbitrary script code.
Horde Application Framework 'icon_browser.php' Cross-Site Scripting Vulnerability
Horde Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacke...
Horde Application Framework 3.3.8 - 'icon_browser.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/43001/info Horde Application Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...
OneCMS 'index.php' Cross Site Scripting Vulnerability
OneCMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to ste...
SyndeoCMS Local File Include, Cross Site Scripting, and HTML Injection Vulnerabilities
SyndeoCMS is prone to a local file-include, a cross-site scripting, and an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Exploiting the local file-include issue allows remote attackers to view or execute local files within the context of the...
NuSOAP 0.9.5 - 'nusoap.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42959/info NuSOAP is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
OneCMS 2.6.1 - index.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/42949/info OneCMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
Nagios XI < 2009R1.3 multiple vulnerabilities
Nagios XI is prone to multiple vulnerabilities. 1. Nagios XI is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/42908/info Amiro.CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful...
PHPFinance 'group.php' SQL Injection and HTML Injection Vulnerabilities
PHPFinance is prone to an SQL-injection vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may exploit the HTML-injection issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Rumba XML 2.4 - 'index.php' Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/42914/info Rumba XML is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and...
Amiro.CMS 5.8.4.0 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/42908/info Amiro.CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to r...
HP Insight Diagnostics Online Edition 8.4 - 'globals.php?tabpage' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42888/info HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of ...
HP Insight Diagnostics Online Edition 8.4 - 'custom.php?testmode' Cross-Site Scripting
source: https://www.securityfocus.com/bid/42888/info HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of ...
HP Insight Diagnostics Online Edition 8.4 - parameters.php?device Cross-Site Scripting
source: https://www.securityfocus.com/bid/42888/info HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...