MoinMoin 1.5.x - index.php Cross-Site Scripting

MoinMoin 1.5.x - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/23676/info MoinMoin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script co...

Big Blue Guestbook HTML Injection Vulnerabilities

Hi friends, Big Blue Guestbook software is prone to HTML injection attacks. This issue is exposed via the message form field in the guestbook entry submission form. Exploitation could permit remote attackers to persistently inject hostile HTML and script code into guestbook content. This could...

TJSChat 0.95 - You.php Cross-Site Scripting

TJSChat 0.95 - You.php Cross-Site Scripting source: https://www.securityfocus.com/bid/23593/info TJSChat is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

Exponent CMS 0.96.50.96.6 - magpie_slashbox.php?rss_url Cross-Site Scripting

Exponent CMS 0.96.50.96.6 - magpieslashbox.php?rssurl Cross-Site Scripting source: https://www.securityfocus.com/bid/23574/info Exponent CMS is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could...

Exponent CMS 0.96.5/0.96.6 - 'iconspopup.php?icodir' Traversal Arbitrary Directory Listing

source: https://www.securityfocus.com/bid/23574/info Exponent CMS is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute...

Wabbit Gallery Script 0.9 - showpic.php Multiple Cross-Site Scripting Vulnerabilities

Wabbit Gallery Script 0.9 - showpic.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/23526/info Wabbit Gallery Script is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...

BloofoxCMS 0.2.2 - 'Img_Popup.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23487/info BloofoxCMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...

Doop Content Management System 1.3.x - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/23482/info Doop Content Management System is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication...

[MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue

MajorSecurity Advisory 44MailBee WebMail Pro - Cross Site Scripting Issue Details ======= Product: MailBee WebMail Pro 3.4 Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.afterlogic.com Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: Davi...

TuMusika Evolution 1.6 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23452/info TuMusika Evolution is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

DotClear 1.2.x - '/ecrire/trackback.php?post_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23411/info DotClear is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

DotClear 1.2.x - '/tools/thememng/index.php?tool_url' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23411/info DotClear is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

DotClear 1.2.x - ecriretrackback.php?post_id Cross-Site Scripting

DotClear 1.2.x - ecriretrackback.php?postid Cross-Site Scripting source: https://www.securityfocus.com/bid/23411/info DotClear is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

Einfacher Passworschutz - index.php Cross-Site Scripting

Einfacher Passworschutz - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/23395/info Einfacher Passworschutz is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

Livor 2.5 - index.php Cross-Site Scripting

Livor 2.5 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/23353/info Livor is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...

Livor 2.5 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23353/info Livor is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

NextPage LivePublish 2.02 - LPEXT.dll Cross-Site Scripting

NextPage LivePublish 2.02 - LPEXT.dll Cross-Site Scripting source: https://www.securityfocus.com/bid/23270/info LivePublish is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Atlassian JIRA 3.4.2 - IssueNavigator.JSPA Cross-Site Scripting

source: https://www.securityfocus.com/bid/23244/info Atlassian JIRA is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Mephisto Blog 0.7.3 - Search Function Cross-Site Scripting

Mephisto Blog 0.7.3 - Search Function Cross-Site Scripting source: https://www.securityfocus.com/bid/23141/info Mephisto Blog is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Mephisto Blog 0.7.3 - Search Function Cross-Site Scripting

source: https://www.securityfocus.com/bid/23141/info Mephisto Blog is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...