Citrix Metaframe Web Manager - login.asp Cross-Site Scripting

Citrix Metaframe Web Manager - login.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/27948/info Citrix MetaFrame Web Manager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execut...

OSSIM Framework session/login.php dest Parameter XSS

The remote host is running OSSIM Open Source Security Information Management, a suite of security tools managed by a web-based front-end. The version of OSSIM installed on the remote host fails to sanitize user input to the 'dest' parameter of the 'session/login.php' script before using it to...

Plume CMS 1.2.2 - '/manager/xmedia.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27999/info Plume CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

projectpier-xssxsrf.txt

====================================================================== ProjectPier Impact: Cross Site Scripting Cross Site Request Forgery Status: patch available ------------------------------ Affected software description: ------------------------------ Application: ProjectPier Version: = 0.80...

Jinzora 2.7.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27876/info Jinzora is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Jinzora 2.7.5 - 'slim.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27876/info Jinzora is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Jinzora 2.7.5 - ajax_request.php Multiple Cross-Site Scripting Vulnerabilities

Jinzora 2.7.5 - ajaxrequest.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27876/info Jinzora is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may...

ProjectPier 0.8 - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27857/info ProjectPier is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Sophos Email Appliance 2.1 - Web Interface Multiple Cross-Site Scripting Vulnerabilities

Sophos Email Appliance 2.1 - Web Interface Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27813/info Sophos Email Appliance is prone to multiple cross-site scripting vulnerabilities that affect its web interface because it fails to properly sanitize...

JSPWiki Multiple Vulnerabilities

JSPWiki Multiple Vulnerabilities Vendor: Janne Jalkanen JSPWiki – http://www.jspwiki.org Application Description: From JSPWiki website - “JSPWiki is a feature-rich and extensible WikiWiki engine built around a standart J2EE components Java, servlets, JSP.” Tested versions: JSPWiki v2.4.104 JSPWik...

Cacti 0.8.7 - graph_view.php?graph_list SQL Injection

Cacti 0.8.7 - graphview.php?graphlist SQL Injection source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP...

Cacti 0.8.7 - 'tree.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting vulnerability. Attackers may exploit these...

Cacti 0.8.7 - 'graph_xport.php?local_graph_id' SQL Injection

source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting vulnerability. Attackers may exploit these...

Cacti 0.8.7 - graph_view.php?filter Cross-Site Scripting

Cacti 0.8.7 - graphview.php?filter Cross-Site Scripting source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP...

artmedic weblog index.php jahrneu Parameter XSS

artmedic weblog index.php jahrneu Parameter XSS. CVE-2008-0765. Webapps exploit for php platform source: http://www.securityfocus.com/bid/27745/info artmedic webdesign weblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An...

Cacti 0.8.7 - 'graph_view.php?filter' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting vulnerability. Attackers may exploit these...

Cacti 0.8.7 - graph_xport.php?local_graph_id SQL Injection

Cacti 0.8.7 - graphxport.php?localgraphid SQL Injection source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP...

artmedic weblog artmedic_print.php date Parameter XSS

artmedic weblog artmedicprint.php date Parameter XSS. CVE-2008-0765. Webapps exploit for php platform source: http://www.securityfocus.com/bid/27745/info artmedic webdesign weblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. ...

Calimero.CMS 3.3 - 'id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27690/info Calimero.CMS is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal...

MODx 0.9.6 - index.php Multiple Cross-Site Scripting Vulnerabilities

MODx 0.9.6 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27672/info MODx is prone to an HTML-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...