DDL CMS 2.1 - 'blacklist.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38643/info DDL CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...

IBM ENOVIA SmarTeam - LoginPage.aspx Cross-Site Scripting

IBM ENOVIA SmarTeam - LoginPage.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/38612/info IBM ENOVIA SmarTeam is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

BBSMAX 3.0 / 4.1 / 4.2 Cross Site Scripting

i found a xss on "action" parameter in "post.aspx" in BBSMAX , it's "post.aspx?action=" Vulnerable: BBSMAX 4.2 BBSMAX 4.1 BBSMAX 3.0 For example: http://bbs.example.com/forum1/post.aspx?action=newthread"alert/liscker/ BBSMAX Home Page : http://www.bbsmax.com/ BBSMAX is prone to an cross-site...

BBSXP 2008 Cross Site Scripting Vulnerability

Exploit for unknown platform in category web applications ============================================= BBSXP 2008 Cross Site Scripting Vulnerability ============================================= BBSXP is prone to an cross-site scripting vulnerability because the application fails to properly...

Six Apart Vox - search Page Cross-Site Scripting

Six Apart Vox - search Page Cross-Site Scripting source: https://www.securityfocus.com/bid/38575/info Six Apart Vox is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Comptel Provisioning and Activation - index.jsp?error_msg_parameter Cross-Site Scripting

Comptel Provisioning and Activation - index.jsp?errormsgparameter Cross-Site Scripting source: https://www.securityfocus.com/bid/38534/info Comptel Provisioning and Activation is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. ...

Comptel Provisioning and Activation - 'index.jsp?error_msg_parameter' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38534/info Comptel Provisioning and Activation is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...

TRUC 0.11 - login_reset_password_page.php Cross-Site Scripting

TRUC 0.11 - loginresetpasswordpage.php Cross-Site Scripting source: https://www.securityfocus.com/bid/38445/info TRUC is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

IBM (Multiple Products) - Login Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/38412/info Multiple IBM products are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

Softbiz Jobs - sbad_type Cross-Site Scripting

Softbiz Jobs - sbadtype Cross-Site Scripting source: https://www.securityfocus.com/bid/38383/info Softbiz Jobs is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Softbiz Jobs - 'sbad_type' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38383/info Softbiz Jobs is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

vBulletin 4.0.2 Multiple Cross Site Scripting Vulnerabilities

vBulletin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...

WampServer 2.0i - 'lang' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38357/info WampServer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Social Web CMS 2 - index.php Cross-Site Scripting

Social Web CMS 2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/38329/info Social Web CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

IBM Websphere Portal 6.0.1.5 Build wp6015 - Portlet Palette Search HTML Injection

source: https://www.securityfocus.com/bid/38360/info IBM WebSphere Portal is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An authenticated attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...

Social Web CMS 2 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38329/info Social Web CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

New-CMS 1.08 - Multiple Local File Inclusion HTML Injection Vulnerabilities

New-CMS 1.08 - Multiple Local File Inclusion HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/38307/info New-CMS is prone to multiple local file-include vulnerabilities and an HTML-Injection vulnerability because it fails to properly sanitize user-supplied input. An attack...

Subex Nikira Fraud Management System GUI - 'message' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38311/info The Subex Nikira Fraud Management System GUI is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

PortWise SSL VPN 4.6 - 'reloadFrame' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38308/info PortWise SSL VPN is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

CMS Made Simple Local File Include and Cross Site Scripting Vulnerabilities

CMS Made Simple is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within...