Pagetool 1.07 - 'search_term' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27653/info Pagetool is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
Pagetool 1.07 - search_term Cross-Site Scripting
source: https://www.securityfocus.com/bid/27653/info Pagetool is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
MyNews 1.6.x - 'hash' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27652/info MyNews is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal...
mailman -- script insertion vulnerability
Secunia reports: A vulnerability has been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input when editing the list templates and the list info attribute is not properly sanitised before being stored. This can be exploited to insert...
DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/27619/info DevTracker module for bcoos and E-xoops is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser o...
HispaH YouTube Clone - load_message.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/27598/info HispaH Youtube Clone is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...
AstroSoft HelpDesk - operatorarticlearticle_attachment.asp?Attach_Id Cross-Site Scripting
source: https://www.securityfocus.com/bid/27610/info AstroSoft HelpDesk is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...
HispaH YouTube Clone - 'load_message.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27598/info HispaH Youtube Clone is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the context of an unsuspecting...
CruxCMS 3.0 - 'search.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27588/info CruxCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...
Domain Trader 2.0 - 'catalog.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27571/info Domain Trader is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...
Domain Trader 2.0 - catalog.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/27571/info Domain Trader is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary...
Liferay Enterprise Portal 4.3.6 - User-Agent HTTP Header Cross-Site Scripting
source: https://www.securityfocus.com/bid/27547/info Liferay Enterprise Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
tripwire-xss.txt
Name: Tripwire Enterprise/Server XSS Vulnerability Release Date: 29 January 2008 Reference: LSD001-2008 Discover: Dave Lewis Vendor: Tripwire Product: Tripwire Enterprise/Server Management Web Interface Systems Affected: version 7.0 as tested NB. Earlier versions are affected as well. Please...
SunGard Banner Student 7.3 - add1 Cross-Site Scripting
source: https://www.securityfocus.com/bid/27490/info Banner Student is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary...
eTicket 1.5.6-RC4 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27473/info eTicket is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Mambo Module MOStlyCE 2.4 - connector.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/27470/info The MOStlyCE module for Mambo is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this...
GLSA-200801-10 : TikiWiki: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200801-10 TikiWiki: Multiple vulnerabilities Jesus Olmos Gonzalez from isecauditors reported insufficient sanitization of the 'movies' parameter in file tiki-listmovies.php CVE-2007-6528. Mesut Timur from H-Labs discovered that th...
F5 BIG-IP Application Security Manager 9.4.3 - report_type Cross-Site Scripting
source: https://www.securityfocus.com/bid/27462/info F5 BIG-IP Application Security Manager is prone to a cross-site scripting vulnerability because the web management interface fails to properly sanitize user-supplied...
F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27462/info F5 BIG-IP Application Security Manager is prone to a cross-site scripting vulnerability because the web management interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
Fonality trixbox 2.4.2 - Cross-Site Scripting (2)
source: https://www.securityfocus.com/bid/27460/info The 'trixbox' product is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to...