AN Guestbook 0.4 - 'send_email.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29254/info AN Guestbook ANG is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

PicsEngine 1.0 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29214/info PicsEngine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

PicsEngine 1.0 - index.php Cross-Site Scripting

PicsEngine 1.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29214/info PicsEngine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Cisco BBSM Captive Portal 5.3 - 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability

Cisco BBSM Captive Portal 5.3 'AccesCodeStart.asp' Cross-Site Scripting Vulnerability. CVE-2008-2165. Webapps exploit for asp platform source: http://www.securityfocus.com/bid/29191/info Cisco BBSM Building Broadband Service Manager is prone to a cross-site scripting vulnerability because the...

PHPInstantGallery 2.0 - image.php Multiple Cross-Site Scripting Vulnerabilities

PHPInstantGallery 2.0 - image.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/29152/info phpInstantGallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage thes...

cPanel 11.x - '/scripts2/changeip?user' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting us...

Sun Java System Web Server Search Module XSS

The remote host is running Sun Java System Web Server, a Java application for user provisioning and identity auditing in enterprise environments. The version of Sun Java System Web Server installed on the remote host fails to sanitize user-supplied input to its Search module before using it to...

cPanel 11.x - scripts2knowlegebase?issue Cross-Site Scripting

cPanel 11.x - scripts2knowlegebase?issue Cross-Site Scripting source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

cPanel 11.x - '/scripts2/knowlegebase?issue' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting us...

cPanel 11.x - scripts2changeip?user Cross-Site Scripting

cPanel 11.x - scripts2changeip?user Cross-Site Scripting source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

cPanel 11.x - '/scripts2/listaccts?search' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29125/info cPanel is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting us...

ZYWALL Referer Header XSS Vulnerability

Affected Software/Device: Zyxel ZYWall 100 Vulnerability: Cross Site Scripting Risk: Low Description: The ZyWALL 100 is designed to act as a secure gateway via xDSL/Cable modems or broadband routers for small to medium size companies. The ZyWALL 100 features an ICSA certified firewall, IPSec VPN...

ZyWALL 100 HTTP Referer Header - Cross-Site Scripting

ZyWALL 100 HTTP Referer Header - Cross-Site Scripting source: https://www.securityfocus.com/bid/29110/info ZyWALL 100 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting

SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/29107/info SonicWALL Email Security is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI address data i...

ZyWALL 100 HTTP Referer Header - Cross-Site Scripting

source: https://www.securityfocus.com/bid/29110/info ZyWALL 100 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

SAP Internet Transaction Server 6200.1017.50954.0 Bu (WGate) - 'wgate.dll?~service' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29103/info SAP Internet Transaction Server is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

SonicWALL Email Security 6.1.1 - Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/29107/info SonicWALL Email Security is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI address data in an error page. An attacker may leverage this issue to execute...

Bugzilla绕过安全限制和跨站脚本漏洞

BUGTRAQ ID: 29038 Bugzilla是很多软件项目都在使用的基于Web的BUG跟踪系统。 Bugzilla在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞执行跨站脚本攻击或获取非授权访问。 在使用BUG列表的Format for Printing或Long Format时，没有过滤$bugids等参数的输入便返回给了用户，这可能允许攻击者执行跨站脚本攻击，在用户浏览器会话中执行任意HTML和脚本代码。...

Sphider 1.3.4 - query Cross-Site Scripting

Sphider 1.3.4 - query Cross-Site Scripting source: https://www.securityfocus.com/bid/29074/info Sphider is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

Maian Uploader 4.0 - keywords Cross-Site Scripting

Maian Uploader 4.0 - keywords Cross-Site Scripting source: https://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary...