Oracle Application Server BPEL Module Cross Site Scripting (CVE-2008-4014)

Oracle Application Server is a multi-platform solution for developing and deploying enterprise applications and web sites. The server ships with several additional components that extend its functionality. BPEL Business Process Execution Language is an XML based language used for describing...

Mahara Multiple Vulnerabilities (Nov 2009)

Mahara is prone to a security bypass and cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Stratek Web Design Twilight CMS 4.0 - calendar Cross-Site Scripting

Stratek Web Design Twilight CMS 4.0 - calendar Cross-Site Scripting source: https://www.securityfocus.com/bid/41895/info Twilight CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

Stratek Web Design Twilight CMS 4.0 - 'calendar' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41895/info Twilight CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

TFTgallery 0.13 - 'sample' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36898/info TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...

TFTgallery 0.13 - sample Cross-Site Scripting

TFTgallery 0.13 - sample Cross-Site Scripting source: https://www.securityfocus.com/bid/36898/info TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...

Wowd - index.html Multiple Cross-Site Scripting Vulnerabilities

Wowd - index.html Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/42327/info Wowd search client is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

TFTgallery 'album' Parameter Cross Site Scripting Vulnerability

TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...

Piwigo 2.0 - comments.php Multiple Cross-Site Scripting Vulnerabilities

Piwigo 2.0 - comments.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41897/info Piwigo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to...

Jetty 6.1.x - JSP Snoop Page Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/37927/info Jetty is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Amiro.CMS 5.4 - Multiple Input Validation Vulnerabilities

Amiro.CMS 5.4 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/42430/info Amiro.CMS is prone to multiple input-validation vulnerabilities including multiple cross-site scripting issues, an HTML-injection issue, and an information-disclosure issue. An attacker...

Apple QuickTime Plug-In Security Bypass (CVE-2006-4965; CVE-2007-4673)

Apple QuickTime is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying still image files as well as numerous audio and video formats. It also provides libraries and plugins for other applications, such as browsers, to read QuickTime media...

IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelpadvancedworkingSet.jsp?Operation Cross-Site Scripting

IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelpadvancedworkingSet.jsp?Operation Cross-Site Scripting source: https://www.securityfocus.com/bid/36721/info IBM Rational RequisitePro is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

Skybluecanvas 1.1 r237 - admin.php Multiple Cross-Site Scripting Vulnerabilities

Skybluecanvas 1.1 r237 - admin.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/44225/info SkyBlueCanvas is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...

Eclipse BIRT 2.2.1 - 'run?__report' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36674/info Eclipse BIRT Business Intelligence and Reporting Tools is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

AdaptBB 1.0 - 'q' Cross-Site Scripting

source: https://www.securityfocus.com/bid/42930/info AdaptBB is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Zainu 1.0 - searchSongKeyword Cross-Site Scripting

Zainu 1.0 - searchSongKeyword Cross-Site Scripting source: https://www.securityfocus.com/bid/36701/info Zainu is prone to a cross-site scripting vulnerability in the Contact module because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to...

FreeSchool - key_words Cross-Site Scripting

FreeSchool - keywords Cross-Site Scripting source: https://www.securityfocus.com/bid/42513/info FreeSchool is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

Zainu 1.0 - 'searchSongKeyword' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36701/info Zainu is prone to a cross-site scripting vulnerability in the Contact module because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Microsoft Internet Explorer 'deflate' HTTP Content Encoding Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...