C99Shell 1.0 Pre-Release build 16 (Web Shell) - 'ch99.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40134/info C99Shell is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

gpEasy CMS 1.6.2 - editing_files.php Cross-Site Scripting

gpEasy CMS 1.6.2 - editingfiles.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40330/info gpEasy CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

NPDS REvolution 10.02 - download.php Cross-Site Scripting

NPDS REvolution 10.02 - download.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40227/info NPDS Revolution is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Joomla! Component JComments 2.1 - 'ComntrNam' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40230/info The JComments component for Joomla! is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecti...

Planet Script 1.x - 'idomains.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40203/info Planet Script is prone to a cross-site scripting vulnerability because the it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Damianov.net Shoutbox 1.0 Cross Site Scripting

Exploit Title: damianov.net Shoutbox XSS Vulnerability Date: 13.05.2010 Author: Valentin Category: webapps/0day Version: 1.0 Tested on: Debian, Apache2, PHP5 CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: General Information Advisory/Exploit Title =...

Secunia Research: TomatoCMS Script Insertion Vulnerabilities

====================================================================== Secunia Research 10/05/2010 - TomatoCMS Script Insertion Vulnerabilities - ====================================================================== Table of Contents Affected...

NPDS REvolution 10.02 - topic Cross-Site Scripting

NPDS REvolution 10.02 - topic Cross-Site Scripting source: https://www.securityfocus.com/bid/40157/info NPDS Revolution is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute...

Saurus CMS 4.7 - 'edit.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40059/info Saurus CMS is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...

Saurus CMS 4.7 - edit.php Cross-Site Scripting

Saurus CMS 4.7 - edit.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40059/info Saurus CMS is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...

EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting

EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting source: https://www.securityfocus.com/bid/40037/info EasyPublish CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script...

WordPress Plugin TYPO3 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting

source: https://www.securityfocus.com/bid/39926/info TYPO3 't3mcumulustagcloud' extension is prone to HTML-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage the issues to execute arbitrary script code in the...

VMware View 3.1.x - URL Processing Cross-Site Scripting

source: https://www.securityfocus.com/bid/39949/info VMware View is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

WordPress Plugin TYPO3 t3m_cumulus_tagcloud Extension 1.0 - HTML Injection Cross-Site Scripting

WordPress Plugin TYPO3 t3mcumulustagcloud Extension 1.0 - HTML Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/39926/info TYPO3 't3mcumulustagcloud' extension is prone to HTML-injection and cross-site scripting vulnerabilities because it fails to properly sanitize...

WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting Cross-Site Scripting

WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting Cross-Site Scripting source: https://www.securityfocus.com/bid/41132/info Cimy Counter for WordPress is prone to an HTTP response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize...

Cross-site Scripting (XSS) Vulnerability in JComments Component for Joomla!

High-Tech Bridge SA Security Research Lab has discovered vulnerability in JComments component for Joomla! which could be exploited to perform cross-site scripting XSS attacks. 1 Cross-site scripting vulnerability in JComments: CVE-2010-5048 The vulnerability exists due to input sanitation error i...

Mango Blog 1.4.1 - '/archives.cfm/search' Cross-Site Scripting

source: https://www.securityfocus.com/bid/39864/info Mango Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Apache ActiveMQ version 5.3.x XSS Vulnerabilities

Exploit for php platform in category web applications ================================================= Apache ActiveMQ version 5.3.x XSS Vulnerabilities ================================================= Severity: Medium Overview: --------- Apache ActiveMQ is prone to cross-site scripting...

osCommerce 3.0a5 - Local File Inclusion HTML Injection

osCommerce 3.0a5 - Local File Inclusion HTML Injection source: https://www.securityfocus.com/bid/39820/info osCommerce is prone to a local file-include vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local...

Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability

Apache ActiveMQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...