Sage 1.3.x - IMG Element Input Validation

source: https://www.securityfocus.com/bid/21164/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code would execute in the context of t...

Sage 1.3.6 - Input Validation

source: https://www.securityfocus.com/bid/19928/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code would execute in the context of t...

Sage 1.3.6 - Input Validation

Sage 1.3.6 - Input Validation source: https://www.securityfocus.com/bid/19928/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code wou...

FreeBSD : mailman -- Multiple Vulnerabilities (fffa9257-3c17-11db-86ab-00123ffe8333)

Secunia reports : Mailman can be exploited by malicious people to conduct cross-site scripting and phishing attacks, and cause a DoS Denial of Service. 1 An error in the logging functionality can be exploited to inject a spoofed log message into the error log via a specially crafted URL. Successf...

PHP-Nuke MyHeadlines 4.3.1 Module - Cross-Site Scripting

source: https://www.securityfocus.com/bid/19825/info PHP-Nuke MyHeadlines module is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

VBZoom 1.11 - 'profile.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/19803/info VBZooM is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context o...

IwebNegar v1.1 Multiple vulnerabilities

:: IwebNegar v1.1 Multiple vulnerabilities :: ------------------------------------------------ Software : IwebNegar v1.1 Website : ---- Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter "comment" are not...

VisualShapers EZContents 2.0.3 - Loginreq2.php Cross-Site Scripting

VisualShapers EZContents 2.0.3 - Loginreq2.php Cross-Site Scripting source: https://www.securityfocus.com/bid/19780/info ezContents is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this...

Learn.com - 'Learncenter.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/19781/info Learn.com learncenter is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

cPanel 10.x - dohtaccess.html?dir Cross-Site Scripting

cPanel 10.x - dohtaccess.html?dir Cross-Site Scripting source: https://www.securityfocus.com/bid/19624/info cPanel is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have...

cPanel 10.x - 'dohtaccess.html?dir' Cross-Site Scripting

source: https://www.securityfocus.com/bid/19624/info cPanel is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an...

DieselScripts Job Site - Forgot.php Multiple Cross-Site Scripting Vulnerabilities

DieselScripts Job Site - Forgot.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/19622/info Multiple cross-site scripting vulnerabilities affect Job Site because the application fails to properly sanitize user-supplied input before including it in...

FreeBSD : horde -- Phishing and XSS Vulnerabilities (e2e8d374-2e40-11db-b683-0008743bf21a)

Secunia reports : Some vulnerabilities have been reported in Horde, which can be exploited by malicious people to conduct phishing and cross-site scripting attacks. - Input passed to the 'url' parameter in index.php isn't properly verified before it is being used to include an arbitrary website i...

horde -- Phishing and Cross-Site Scripting Vulnerabilities

Secunia reports: Some vulnerabilities have been reported in Horde, which can be exploited by malicious people to conduct phishing and cross-site scripting attacks. Input passed to the "url" parameter in index.php isn't properly verified before it is being used to include an arbitrary web site in ...

BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities

BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/19513/info Multiple cross-site scripting vulnerabilities affect BlaBla 4U because the application fails to properly sanitize user-supplied input before including it in dynamically generated web...

BlaBla 4U - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/19513/info Multiple cross-site scripting vulnerabilities affect BlaBla 4U because the application fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may leverage these issues to have...

Microsoft Internet Explorer Window Location Cross-Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. This vulnerability may let a malicious website access properties of a site in an arbitrary external domain. Attackers could exploit this issue to gain access to sensitive information that is...

Microsoft Management Console Zone Bypass Vulnerability

Description Microsoft Management Console MMC is prone to a cross-zone scripting vulnerability because the operating system fails to properly restrict access to MMC components, allowing the MMC files to be referenced from the Internet Zone in some cases. Exploiting this vulnerability could let an...

[KAPDA::#53] MYBB XSS and Dir Traversal in usercp.php

Vulnerable products : MYBB 1.x Vendor: http://www.mybboard.net Risk: Low Vulnerabilities: MYBB XSS and Dir Traversal in usercp.php Date : -------------------- Found : Feb 22 2006 Vendor Contacted : N/A Release Date : N/A About : -------------------- MyBB is a powerful, efficient and free forum...

OZJournals 1.5 - Multiple Input Validation Vulnerabilities

OZJournals 1.5 Multiple Input Validation Vulnerabilities. CVE-2006-1435. Webapps exploit for php platform source: http://www.securityfocus.com/bid/19311/info OZJournal is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An...