habari -- Cross-Site Scripting Vulnerability

Secunia reports: Input passed via the "habariusername" parameter when logging in is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site...

SA-2008-066 - Shindig-Integrator - Multiple vulnerabilities

Shindig-Integrator integrates the open social Shindig container with Drupal. The module contains numerous flaws. Among them are the following issues. Malicious users are able to insert arbitrary HTML and script code into certain module generated pages. Such a Cross site scripting vulnerability ca...

Microsoft Internet Explorer HTML Element Cross Domain Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain security-bypass vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to execute arbitrary script code in another browser window's security zone. This may allow...

Microsoft Internet Explorer Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to execute arbitrary script code in another browser window's security zone. This may...

Microsoft Internet Explorer Event Handling Cross Domain Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain security-bypass vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to execute arbitrary script code in another browser window's security zone. This may allow...

EEB-CMS 0.95 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31732/info EEB-CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Website Directory - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31562/info Website Directory is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user i...

Website Directory - index.php Cross-Site Scripting

Website Directory - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31562/info Website Directory is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary...

Dreamcost HostAdmin 3.1 - index.php Cross-Site Scripting

Dreamcost HostAdmin 3.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31538/info Dreamcost HostAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute...

WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities

WikyBlog 1.7.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/31525/info WikyBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

CAcert - analyse.php Cross-Site Scripting

CAcert - analyse.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31481/info CAcert is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser ...

WordPress MU 1.2/1.3 - '/wp-admin/wpmu-blogs.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/31482/info WordPress MU is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Lyrics Script - 'search_results.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31437/info Lyrics Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Lyrics Script - search_results.php Cross-Site Scripting

Lyrics Script - searchresults.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31437/info Lyrics Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script...

ClickBank Portal - 'search.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31438/info Clickbank Portal is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Recipe Script - 'search.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31442/info Recipe Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

OpenNMS 1.5.x - filter Cross-Site Scripting

OpenNMS 1.5.x - filter Cross-Site Scripting source: https://www.securityfocus.com/bid/31410/info OpenNMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in t...

OpenNMS 1.5.x - 'j_username' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31410/info OpenNMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Flatpress 0.804 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/31407/info FlatPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Gentoo Security Advisory GLSA 200507-14 (mozilla)

The remote host is missing updates announced in advisory GLSA 200507-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...