HP System Management Homepage < 2.1.15.210 Unspecified XSS

The remote host appears to be running HP System Management Homepage SMH, a web-based management interface for ProLiant and Integrity servers. The version of HP SMH installed on the remote host fails to sanitize user input to an unspecified parameter and script before using it to generate dynamic...

Opera Web Browser 9.62 - History Search Input Validation

Opera Web Browser 9.62 - History Search Input Validation source: https://www.securityfocus.com/bid/32015/info Opera Web Browser is prone to an input-validation vulnerability because of the way it stores data used for the History Search feature. Attacker-supplied HTML and script code would run in...

Opera Web Browser Command Execution and XSS Vulnerabilities (Windows)

The host is installed with Opera Web Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperacmdexecnxssvulnwin.nasl 6519 2017-07-04 14:08:14Z cfischer $ Opera Web Browser Command Execution and XSS Vulnerabilities Windows Authors: Chandan S Copyright: Copyright c...

SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting

SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/31998/info SonicWALL Content Filtering is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI...

SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/31998/info SonicWALL Content Filtering is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI address data in a blocked-site error page. An attacker may leverage this iss...

Opera Web Browser 9.x - History Search and Links Panel Cross-Site Scripting

Opera Web Browser 9.x - History Search and Links Panel Cross-Site Scripting source: https://www.securityfocus.com/bid/31991/info Opera Web Browser is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...

phpmyadmin -- Cross-Site Scripting Vulnerability

SecurityFocus reports: phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This ma...

Extrakt Framework 0.7 - index.php Cross-Site Scripting

Extrakt Framework 0.7 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31971/info Extrakt Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary...

KKE Info Media Kmita Gallery - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/31970/info Kmita Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

Dorsa CMS - &#039;Default_.aspx&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/31992/info Dorsa CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

Extrakt Framework 0.7 - &#039;index.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/31971/info Extrakt Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

KKE Info Media Kmita Gallery - Multiple Cross-Site Scripting Vulnerabilities

KKE Info Media Kmita Gallery - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/31970/info Kmita Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issue...

KKE Info Media Kmita Catalogue 2 - search.php Cross-Site Scripting

KKE Info Media Kmita Catalogue 2 - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31968/info Kmita Catalogue is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

FreeBSD : flyspray -- multiple vulnerabilities (9d3020e4-a2c4-11dd-a9f9-0030843d3802)

The Flyspray Project reports : Flyspray is affected by a Cross Site scripting Vulnerability due to an error escaping PHP's $SERVER'QUERYSTRING' superglobal, that can be maliciously used to inject arbitrary code into the savesearch JavaScript function. There is an XSS problem in the history tab, t...

PHPWind hidden.php脚本代码注入漏洞

PHPWind实现上存在输入验证漏洞，远程攻击者可能利用此漏洞在主机上以Web进程权限执行任意命令。 PHPWind的job.php及hidden.php脚本对用户提交的参数值未做充分的过滤检查，远程攻击者可以注入PHP脚本代码到文件中，攻击者以Web进程权限执行任意命令。 PHPWind 2.0.1 PHPWind ------- 目前厂商已经在最新版本的软件中修复了这个安全问题，请到厂商的主页下载： http://www.phpwind.net/...

iPeGuestbook 1.72.0 - pg Cross-Site Scripting

iPeGuestbook 1.72.0 - pg Cross-Site Scripting source: https://www.securityfocus.com/bid/31911/info iPei Guestbook is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script co...

Jetbox CMS 2.1 - &#039;liste&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/31890/info Jetbox CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

ClipShare Pro 4.0 - &#039;fullscreen.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/31898/info ClipShare Pro is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

ClipShare Pro 4.0 - fullscreen.php Cross-Site Scripting

ClipShare Pro 4.0 - fullscreen.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31898/info ClipShare Pro is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script co...

Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling XSS

Google Chrome 0.2.149 ftp:// URL Multiple File Format Handling XSS. CVE-2008-4724 . Remote exploit for windows platform source: http://www.securityfocus.com/bid/31855/info Google Chrome 0.2.149 is prone to a cross-site scripting weakness that arises because the software fails to handle specially...