Fonality trixbox 2.4.2 - Cross-Site Scripting (2)

source: https://www.securityfocus.com/bid/27460/info The 'trixbox' product is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...

Novemberborn sIFR 2.0.2/3 - 'txt' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27394/info Novemberborn sIFR is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...

DeluxeBB 1.1 - attachments_header.php Cross-Site Scripting

DeluxeBB 1.1 - attachmentsheader.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27401/info DeluxeBB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Novemberborn sIFR 2.0.23 - txt Cross-Site Scripting

Novemberborn sIFR 2.0.23 - txt Cross-Site Scripting source: https://www.securityfocus.com/bid/27394/info Novemberborn sIFR is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

DeluxeBB 1.1 - 'attachments_header.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27401/info DeluxeBB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Nucleus CMS 3.22 - action.php Cross-Site Scripting

Nucleus CMS 3.22 - action.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27492/info Nucleus CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Nucleus CMS 3.22 - 'action.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27492/info Nucleus CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

Debian: Security Advisory (DSA-1098-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1034-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 914-1 (horde2)

The remote host is missing an update to horde2 announced via advisory DSA 914-1. A vulnerability has been discovered in horde2, a web application suite, that allows attackers to insert arbitrary script code into the error web page. The old stable distribution woody does not contain horde2 package...

Debian Security Advisory DSA 1298-1 (otrs2)

The remote host is missing an update to otrs2 announced via advisory DSA 1298-1. OpenVAS Vulnerability Test $Id: deb12981.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1298-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-1094-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1298-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PHP Running Management 1.0.2 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27268/info PHP Running Management is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

PHP Running Management 1.0.2 - index.php Cross-Site Scripting

PHP Running Management 1.0.2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27268/info PHP Running Management is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Moodle 1.8.3 - install.php Cross-Site Scripting

Moodle 1.8.3 - install.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27259/info Moodle is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Joomla! Component SMF Forum 1.1.4 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27218/info Joomla-SMF Forum is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...

IceWarp Mail Server 9.1.1 - '/admin/index.html' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27189/info IceWarp Mail Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

SysHotel On Line System - 'index.php' Local File Inclusion

source: https://www.securityfocus.com/bid/27184/info SysHotel On Line System is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to execute local script code in the...

eTicket 1.5.5.2 - admin.php Multiple SQL Injections

eTicket 1.5.5.2 - admin.php Multiple SQL Injections source: https://www.securityfocus.com/bid/27173/info eTicket is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issue...