Lyris ListManager read/search/results words Parameter XSS

The remote host is running ListManager, a web-based commercial mailing list management application from Lyris. The version of ListManager installed on the remote host fails to sanitize user input to the 'words' parameter of the 'read/search/results' script before including it in dynamic HTML...

OpenDocMan 1.x - out.php Cross-Site Scripting

OpenDocMan 1.x - out.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29765/info OpenDocMan is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script co...

OpenDocMan 1.x - 'out.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29765/info OpenDocMan is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...

SimpleNotes - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29755/info SimpleNotes is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

GlassFish Application Server - '/resourceNode/externalResourceNew.jsf' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29751/info Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...

vBulletin 3.6.103.7.1 - redirect Cross-Site Scripting

vBulletin 3.6.103.7.1 - redirect Cross-Site Scripting source: https://www.securityfocus.com/bid/29704/info vBulletin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

vBulletin 3.6.10/3.7.1 - 'redirect' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29704/info vBulletin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

PHPEasyData 1.5.4 - '/admin/login.php?Username' SQL Injection

source: https://www.securityfocus.com/bid/29659/info PHPEasyData is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage the cross-site scripting issues to execute arbitrary script code in the...

Tornado Knowledge Retrieval System 4.2 - 'p' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29626/info Tornado Knowledge Retrieval System is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...

SchoolCenter 7.5 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29591/info SchoolCenter is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

SamTodo 1.1 - completed Cross-Site Scripting

SamTodo 1.1 - completed Cross-Site Scripting source: https://www.securityfocus.com/bid/29569/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...

SamTodo 1.1 - 'tid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29568/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...

WyMIEN PHP 1.0 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29551/info WyMIEN PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

DotNetNuke 4.8.3 - 'Default.aspx' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29437/info DotNetNuke is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...

DotNetNuke 4.8.3 - Default.aspx Cross-Site Scripting

DotNetNuke 4.8.3 - Default.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/29437/info DotNetNuke is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Xerox DocuShare 6 - dsdn/dsweb/SearchResults URI Cross-Site Scripting

source: https://www.securityfocus.com/bid/29430/info Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the...

Xerox DocuShare 6 - docushare/dsweb/ServicesLib/Group URI Cross-Site Scripting

source: https://www.securityfocus.com/bid/29430/info Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the...

Xerox DocuShare 6 - dsdndswebSearchResults URI Cross-Site Scripting

Xerox DocuShare 6 - dsdndswebSearchResults URI Cross-Site Scripting source: https://www.securityfocus.com/bid/29430/info Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Calcium 3.104.0.4 - Calcium40.pl Cross-Site Scripting

Calcium 3.104.0.4 - Calcium40.pl Cross-Site Scripting source: https://www.securityfocus.com/bid/29411/info Calcium is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...

Tr Script News 2.1 - 'news.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29388/info Tr Script News is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...