RunCMS 2.1 - magpie_debug.php Cross-Site Scripting

RunCMS 2.1 - magpiedebug.php Cross-Site Scripting source: https://www.securityfocus.com/bid/41551/info RunCms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

RunCMS 2.1 - 'magpie_debug.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41551/info RunCms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Mac's CMS 1.1.4 - 'SearchString' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41529/info Mac's CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities

WordPress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41548/info FireStats is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issue...

Real Estate Manager 1.0.1 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41507/info Real Estate Manager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Multiple Cross-site Scripting (XSS) Vulnerabilities in Spitfire

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Spitfire which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Spitfire 1.1 The vulnerability exists due to input sanitation error in the "cmsid" and...

runcms-xss.txt

Title: RunCMS XSS Vulnerability via User Agent Vendor: RunCMS Product: RunCMS Tested Version: 2.1 Threat Class: XSS Severity: Medium Remote: yes Local: no Discovered By: Andrei Rimsa Alvares ===== Description ===== RunCMS is prone to a XSS vulnerability by mangling the user-agent field on a http...

osCSS 1.2.2 - page Cross-Site Scripting

osCSS 1.2.2 - page Cross-Site Scripting source: https://www.securityfocus.com/bid/41510/info osCSS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

osCSS 1.2.2 - 'page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41510/info osCSS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

nuBuilder Local File Include and Cross Site Scripting Vulnerabilities

nuBuilder is prone to a local file-include vulnerability and a cross- site scripting vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...

Task Freak Cross Site Scripting and SQL Injection Vulnerabilities

This host is running Task Freak and is prone to Cross Site Scripting and SQL Injection vulnerabilities. OpenVAS Vulnerability Test $Id: gbtaskfreakxssnsqlinjvuln.nasl 7573 2017-10-26 09:18:50Z cfischer $ Task Freak Cross Site Scripting and SQL Injection Vulnerabilities Authors: Madhuri D Copyrigh...

Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities

Worxware DCP-Portal 7.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41453/info Worxware DCP-Portal is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issu...

RunCMS 2.1 - 'check.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41448/info RunCms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

NTSOFT BBS E-Market Professional - Multiple Cross-Site Scripting Vulnerabilities (2)

source: https://www.securityfocus.com/bid/41401/info NTSOFT BBS E-Market Professional is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Orbis CMS 1.0.2 - editor-body.php Cross-Site Scripting

Orbis CMS 1.0.2 - editor-body.php Cross-Site Scripting source: https://www.securityfocus.com/bid/41390/info Orbis CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

odCMS 1.07 - 'archive.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41422/info odCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Orbis CMS 1.0.2 - 'editor-body.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41390/info Orbis CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Flatnux 2010-06.09 - find Cross-Site Scripting

Flatnux 2010-06.09 - find Cross-Site Scripting source: https://www.securityfocus.com/bid/41282/info Flatnux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Cross-site Scripting (XSS) Vulnerability in Taggon CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Taggon CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Taggon CMS The vulnerability exists due to input sanitation error in the multiple parameters in...

Microsoft SharePoint Services Help.aspx 'cid0' Parameter XSS

The version of Microsoft SharePoint Services running on the remote host has a cross-site scripting vulnerability. Input sent to the 'cid0' parameter of '/layouts/help.aspx' is not properly sanitized. A remote attacker could exploit this by tricking a user into making a malicious request, resultin...