Microsoft Internet Explorer Event Handler Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...

Microsoft Internet Explorer XMLHttpRequest Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...

ClanSphere 2009 - text Cross-Site Scripting

ClanSphere 2009 - text Cross-Site Scripting source: https://www.securityfocus.com/bid/35605/info ClanSphere is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Horde 3.1 - Passwd Module Cross-Site Scripting

Horde 3.1 - Passwd Module Cross-Site Scripting source: https://www.securityfocus.com/bid/35573/info The Horde 'Passwd' module is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

Microsoft Internet Explorer 6 - JavaScript: URI in Refresh Header Cross-Site Scripting

Microsoft Internet Explorer 6 - JavaScript: URI in Refresh Header Cross-Site Scripting source: https://www.securityfocus.com/bid/35570/info Microsoft Internet Explorer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can explo...

SA-CONTRIB-2009-033 - Quiz - Cross site scripting

The Quiz module provides tools for authoring and administering quizzes through Drupal. A quiz is given as a series of questions, with only one question appearing per page. Scores are then stored in the database. The module does not properly escape user-supplied data on some pages, allowing...

Microsoft Internet Explorer 6 - 'JavaScript:' URI in 'Refresh' Header Cross-Site Scripting

source: https://www.securityfocus.com/bid/35570/info Microsoft Internet Explorer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary script code in the context of the user running the...

Flatnux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities

Flatnux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/44454/info FlatNux is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

Google Chrome 0.3.154 - 'JavaScript:' URI in 'Refresh' Header Cross-Site Scripting

source: https://www.securityfocus.com/bid/35572/info Google Chrome is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary script code in the context of the user running the application and...

Sitecore CMS 6.0.0 rev. 090120 - 'default.aspx' Cross-Site Scripting

source: https://www.securityfocus.com/bid/44405/info Sitecore CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

Sitecore CMS 6.0.0 rev. 090120 - default.aspx Cross-Site Scripting

Sitecore CMS 6.0.0 rev. 090120 - default.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/44405/info Sitecore CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

PRTG Traffic Grapher 'Monitor_Bandwidth' Cross Site Scripting Vulnerability

PRTG Traffic Grapher is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...

horde-base -- multiple vulnerabilities

The Horde team reports: An error within the form library when handling image form fields can be exploited to overwrite arbitrary local files. An error exists within the MIME Viewer library when rendering unknown text parts. This can be exploited to execute arbitrary HTML and script code in a user...

Vanilla 1.1.7 Cross Site Scripting

Author: Gerendi Sandor Attila Original advisory: http://gsasec.blogspot.com/2009/05/vanilla-v117-cross-site-scripting.html Date: May 14, 2009 Package: Vanilla 1.1.7 Product Homepage: http://getvanilla.com/ Versions Affected: v.1.1.7, 1.1.5 Other versions may also be affected Severity: Medium Inpu...

Intergo Arcade Trade Script 1.0 - q Cross-Site Scripting

Intergo Arcade Trade Script 1.0 - q Cross-Site Scripting source: https://www.securityfocus.com/bid/44555/info Arcade Trade Script is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Cisco ASA Appliance 8.x - WebVPN DOM Wrapper Cross-Site Scripting

source: https://www.securityfocus.com/bid/35476/info Cisco ASA Adaptive Security Appliance is prone to a cross-site scripting vulnerability because its Web VPN fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

DotNetNuke 4.9.3 - 'ErrorPage.aspx' Cross-Site Scripting

source: https://www.securityfocus.com/bid/35074/info DotNetNuke is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...

Sun Java System Communications Express 6.3 - UWCMain Cross-Site Scripting

Sun Java System Communications Express 6.3 - UWCMain Cross-Site Scripting source: https://www.securityfocus.com/bid/34155/info Sun Java System Communications Express is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. This issue is tracke...

BaoFeng Storm ActiveX Control Buffer Overflow Vulnerability

This host is installed with BaoFeng Storm ActiveX and is prone to Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbbaofengstormactivexctrlbofvuln.nasl 5369 2017-02-20 14:48:07Z cfi $ BaoFeng Storm ActiveX Control Buffer Overflow Vulnerability Authors: Nikita MR Copyright: Copyrigh...

Cacti 'data_input.php' Cross Site Scripting Vulnerability

Cacti is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...