6665 matches found
WordPress 2.2 - Request_URI Cross-Site Scripting
WordPress 2.2 - RequestURI Cross-Site Scripting source: https://www.securityfocus.com/bid/24383/info WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
webstudio-xss.txt
Application: WebStudio CMS Vendors Url: http://www.bdigital.biz Bug Type: Multiple URL Handling Remote Cross-Site Scripting Vulnerabilities Exploitation: Remote Severity: Less Critical Solution Status: Unpatched Introduction: WebStudio CMS is a web-based CMS system Google Dork: "Powered by...
Okyanusmedya - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24285/info Okyanusmedya is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...
Linker 2.0.4 - index.php Cross-Site Scripting
Linker 2.0.4 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/24277/info Codelib Linker is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...
Linker 2.0.4 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24277/info Codelib Linker is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...
Prototype of an PHP Application 0.1 - '/ident/loginmodif.php?path_inc' Remote File Inclusion
source: https://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to execute an arbitrary remote file...
Prototype of an PHP Application 0.1 - '/ident/identification.php?path_inc' Remote File Inclusion
source: https://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to execute an arbitrary remote file...
Debian DSA-1298-1 : otrs2 - missing input sanitising
It was discovered that the Open Ticket Request System performs insufficient input sanitising for the Subaction parameter, which allows the injection of arbitrary web script code. The oldstable distribution sarge doesn't include otrs2. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Prototype of an PHP Application 0.1 - 'common.inc.php?path_inc' Remote File Inclusion
source: https://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to execute an arbitrary remote file...
Prototype of an PHP Application 0.1 - identindex.php?path_inc Remote File Inclusion
Prototype of an PHP Application 0.1 - identindex.php?pathinc Remote File Inclusion source: https://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the...
Prototype of an PHP Application 0.1 - identdisconnect.php?path_inc Remote File Inclusion
Prototype of an PHP Application 0.1 - identdisconnect.php?pathinc Remote File Inclusion source: https://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the...
static XSS / SQL-Injection in Omegasoft Insel
Input passed to fields in OmegaMw7's tables isn't properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site and/or inject SQL-Commands This applies to many many standard fields i...
Evenzia Content Management Systems (CMS) - Cross-Site Scripting
source: https://www.securityfocus.com/bid/24270/info Evenzia CMS is prone to a cross-site script vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
PHPLive! 3.2.2 - '/super/info.php?BASE_URL' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24276/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Prototype of an PHP Application 0.1 - '/plugins/PHPgacl/index.php?path_inc' Remote File Inclusion
source: https://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to execute an arbitrary remote file...
Prototype of an PHP Application 0.1 - 'param.inc.php?path_inc' Remote File Inclusion
source: https://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to execute an arbitrary remote file...
Prototype of an PHP Application 0.1 - menumenuprincipal.php?path_inc Remote File Inclusion
Prototype of an PHP Application 0.1 - menumenuprincipal.php?pathinc Remote File Inclusion source: https://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to th...
Buttercup WFM - Title Cross-Site Scripting
Buttercup WFM - Title Cross-Site Scripting source: https://www.securityfocus.com/bid/24269/info Buttercup WFM Web File Manager is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
Prototype of an PHP Application 0.1 - pluginsPHPgaclindex.php?path_inc Remote File Inclusion
Prototype of an PHP Application 0.1 - pluginsPHPgaclindex.php?pathinc Remote File Inclusion source: https://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to...
Evenzia Content Management Systems (CMS) - Cross-Site Scripting
Evenzia Content Management Systems CMS - Cross-Site Scripting source: https://www.securityfocus.com/bid/24270/info Evenzia CMS is prone to a cross-site script vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...