wordpress -- cross-site scripting

A Secunia Advisory report: Input passed to the "postscolumns" parameter in wp-admin/edit-post-rows.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site...

TikiWiki <= 1.9.8.1 Cross Site Scripting / Local File Inclusion

====================================================================== TikiWiki = 1.9.8.1 Cross Site Scripting / Local File Inclusion ====================================================================== Author: L4teral l4teral 4t gmail com Impact: Cross Site Scripting Local File Inclusion Statu...

Hackish 1.1 - 'Blocco.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26167/info Hackish is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

SearchSimon Lite 1.0 - 'Filename.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26142/info SearchSimon Lite is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

SearchSimon Lite 1.0 - Filename.asp Cross-Site Scripting

SearchSimon Lite 1.0 - Filename.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/26142/info SearchSimon Lite is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execut...

Socketmail 2.2.1 - lostpwd.php Cross-Site Scripting

Socketmail 2.2.1 - lostpwd.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26138/info SocketMail is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

SiteBar 3.3.8 - integrator.php?lang Cross-Site Scripting

SiteBar 3.3.8 - integrator.php?lang Cross-Site Scripting source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability -...

FreeBSD : phpmyadmin -- XSS vulnerability (498a8731-7cfc-11dc-96e6-0012f06707f0)

The DigiTrust Group discovered serious XSS vulnerability in the phpMyAdmin serverstatus.php script. According to their report vulnerability can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. %NASLMINLEVEL 70300 C Tenable Network...

SiteBar 3.3.8 - '/translator.php?upd/cmd/Action/edit' Arbitrary PHP Code Execution

source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple arbitrary-script-code-execution vulnerabilities -...

SiteBar 3.3.8 - index.php?target Cross-Site Scripting

SiteBar 3.3.8 - index.php?target Cross-Site Scripting source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple...

SiteBar 3.3.8 - translator.php?updcmdActionedit Arbitrary PHP Code Execution

SiteBar 3.3.8 - translator.php?updcmdActionedit Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include...

SiteBar 3.3.8 - 'command.php?Modify User Action uid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple arbitrary-script-code-execution vulnerabilities -...

phpMyAdmin 2.11.1 - Server_Status.php Cross-Site Scripting

phpMyAdmin 2.11.1 - ServerStatus.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26301/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script cod...

phpmyadmin -- cross-site scripting vulnerability

The DigiTrust Group discovered serious XSS vulnerability in the phpMyAdmin serverstatus.php script. According to their report vulnerability can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site...

InnovaPortal - 'msg.jsp?msg' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26084/info InnovaShop is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...

Stringbeans Portal 3.2 Projects Script - Cross-Site Scripting

Stringbeans Portal 3.2 Projects Script - Cross-Site Scripting source: https://www.securityfocus.com/bid/26082/info Stringbeans Portal is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

InnovaPortal - 'tc/contents/home001.jsp?contentid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26084/info InnovaShop is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...

Nucleus CMS 3.0.1 - index.php Cross-Site Scripting

Nucleus CMS 3.0.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26035/info Nucleus CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

ActiveKB NX 2.6 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26027/info ActiveKB NX is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...

Nucleus CMS 3.0.1 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26035/info Nucleus CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...