osCommerce 2.2 - '/admin/tax_rates.php?page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attack...

osCommerce 2.2 - admintax_rates.php?page Cross-Site Scripting

osCommerce 2.2 - admintaxrates.php?page Cross-Site Scripting source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user ...

osCommerce 2.2 - adminlanguages.php?page Cross-Site Scripting

osCommerce 2.2 - adminlanguages.php?page Cross-Site Scripting source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user...

osCommerce 2.2 - '/admin/reviews.php?page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attack...

osCommerce 2.2 - '/admin/banner_manager.php?page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attack...

HAMweather 3.9.8 - 'template.php' Script Code Injection

source: https://www.securityfocus.com/bid/20311/info HAMweather is prone to a script-code-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are al...

HAMweather 3.9.8 - template.php Script Code Injection

HAMweather 3.9.8 - template.php Script Code Injection source: https://www.securityfocus.com/bid/20311/info HAMweather is prone to a script-code-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the...

Yblog - 'tem.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20280/info Yblog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting us...

Yblog - 'funk.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20280/info Yblog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting us...

Yblog - funk.php Cross-Site Scripting

Yblog - funk.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20280/info Yblog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execut...

[SA22122] PhotoStore Cross-Site Scripting Vulnerabilities

TITLE: PhotoStore Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA22122 VERIFY ADVISORY: http://secunia.com/advisories/22122/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: PhotoStore 2.x http://secunia.com/product/12118/ DESCRIPTION: meto5757 has...

PHPSelect Web Development - 'index.php3' Remote File Inclusion

source: https://www.securityfocus.com/bid/20231/info PHPSelect Web Development is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affect...

Interspire FastFind - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20380/info Interspire FastFind is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user...

Phoenix Evolution CMS - '/modules/pageedit/index.php?pageid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20212/info Phoenix Evolution CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

Quickblogger 1.4 - Remote File Inclusion

source: https://www.securityfocus.com/bid/20210/info Quickblogger is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer...

Photostore - details.php?gid Cross-Site Scripting

Photostore - details.php?gid Cross-Site Scripting source: https://www.securityfocus.com/bid/20172/info Photostore is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary...

Photostore - view_photog.php?photogid Cross-Site Scripting

Photostore - viewphotog.php?photogid Cross-Site Scripting source: https://www.securityfocus.com/bid/20172/info Photostore is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have...

DanPHPSupport 0.5 - 'admin.php?do' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20203/info DanPHPSupport is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

BBSNew 2.0.1 - index2.php Remote File Inclusion

BBSNew 2.0.1 - index2.php Remote File Inclusion source: https://www.securityfocus.com/bid/20204/info bbsNew is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary...

BirdBlog 1.x - user.php?uid Cross-Site Scripting

BirdBlog 1.x - user.php?uid Cross-Site Scripting source: https://www.securityfocus.com/bid/20202/info BirdBlog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary scri...