PHPcksec 0.2 - PHPcksec.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/32890/info The 'phpcksec' script is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
PHPcksec 0.2 - 'PHPcksec.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/32890/info The 'phpcksec' script is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based...
TWiki < 4.2.4 Multiple XSS / Command Execution Vulnerabilities
TWiki is prone to multiple cross-site scripting (XSS) and command execution vulnerabilities. ...
Injader 2.1.1 - SQL Injection HTML Injection
source: https://www.securityfocus.com/bid/32843/info Injader is prone to multiple HTML-injection vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage the HTML-injecti...
mediawiki -- multiple vulnerabilities
The MediaWiki development team reports: Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Certain unspecified input related to uploads i...
Microsoft Internet Explorer XML Handling Remote Code Execution Vulnerability
Description: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Faile...
Microsoft Windows Common AVI ActiveX Control File Parsing Buffer Overflow Vulnerability
Description: Microsoft Windows Common AVI ActiveX control is prone to a remote buffer-overflow vulnerability. Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Successful exploits will compromi...
PHPepperShop 1.4 - shopkontakt.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/32690/info PhPepperShop is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...
PrestaShop 1.1 - '/admin/login.php?PATH_INFO' Cross-Site Scripting
source: https://www.securityfocus.com/bid/32689/info PrestaShop is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
PHPepperShop 1.4 - index.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/32690/info PhPepperShop is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary...
FreeBSD : mantis -- multiple vulnerabilities (29255141-c3df-11dd-a721-0030843d3802)
Secunia reports: Some vulnerabilities have been reported in Mantis, which can be exploited by malicious users to compromise a vulnerable system and malicious people to conduct cross-site scripting and request forgery attacks. Input passed to the 'filtertarget' parameter in returndynamicfilters.p...
TWiki 4.x - 'URLPARAM' Cross-Site Scripting
source: https://www.securityfocus.com/bid/32669/info TWiki is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
Yappa-ng - Query String Cross-Site Scripting
source: https://www.securityfocus.com/bid/32623/info The 'yappa-ng' program is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitra...
Yappa-ng - 'index.php?album' Cross-Site Scripting
source: https://www.securityfocus.com/bid/32623/info The 'yappa-ng' program is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
WordPress wp-includes/feed.php self_link() Function Host Header RSS Feed XSS
The version of WordPress installed on the remote host fails to properly sanitize input to the 'Host' request header before using it in the 'self_link' function in 'wp-includes/feed.php' to generate dynamic HTML output. An attacker can leverage this issue to inject arbitrary HTML and script code in...
Softbiz Classifieds Script - adminindex.php?msg Cross-Site Scripting
source: https://www.securityfocus.com/bid/32569/info Softbiz Classifieds Script is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage the...
Softbiz Classifieds Script - '/advertisers/signinform.php?msg' Cross-Site Scripting
source: https://www.securityfocus.com/bid/32569/info Softbiz Classifieds Script is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
CodeToad ASP Shopping Cart Script - Cross-Site Scripting
source: https://www.securityfocus.com/bid/32568/info CodeToad ASP Shopping Cart Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to...
IBM Rational ClearCase 78 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/32574/info IBM Rational ClearCase is prone to a cross-site scripting vulnerability because the software fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...
Pre ASP Job Board - 'emp_login.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/32572/info Pre ASP Job Board is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...