PHPODP 1.5 - ODP.php Cross-Site Scripting

PHPODP 1.5 - ODP.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17976/info phpODP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

Confixx 3.0/3.1 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17984/info Confixx is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...

PHPODP 1.5 - 'ODP.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17976/info phpODP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

FreeBSD : trac -- Wiki Macro Script Insertion Vulnerability (400d9d22-d6c5-11da-a14b-00123ffe8333)

Secunia reports : A vulnerability has been reported, which can be exploited by malicious people to conduct script insertion attacks. Input passed using the wiki macro isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed...

FreeBSD : phpmyadmin -- register_globals emulation 'import_blacklist' manipulation (23afd91f-676b-11da-99f6-00123ffe8333)

Secunia reports : Stefan Esser has reported a vulnerability in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerability is caused due to an error in the registerglobals...

GLSA-200605-09 : Mozilla Thunderbird: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200605-09 Mozilla Thunderbird: Multiple vulnerabilities Several vulnerabilities were found and fixed in Mozilla Thunderbird. Impact : A remote attacker could craft malicious emails that would leverage these issues to inject and...

OZJournals 1.2 - 'Vname' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17954/info OZJournals is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...

[SA20067] ManageEngine OpManager "searchTerm" Cross-Site Scripting

TITLE: ManageEngine OpManager "searchTerm" Cross-Site Scripting SECUNIA ADVISORY ID: SA20067 VERIFY ADVISORY: http://secunia.com/advisories/20067/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: ManageEngine OpManager 6.x http://secunia.com/product/9902/...

Vizra - 'A_Login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17949/info Vizra is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

EPublisherPro 0.9.7 - 'Moreinfo.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17907/info EPublisherPro is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...

timobraun Dynamic Galerie 1.0 - galerie.php?pfad Arbitrary Directory Listing

timobraun Dynamic Galerie 1.0 - galerie.php?pfad Arbitrary Directory Listing source: https://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to...

timobraun Dynamic Galerie 1.0 - 'galerie.php?id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabiliti...

timobraun Dynamic Galerie 1.0 - 'index.php?pfad' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabiliti...

Singapore 0.9.7 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17874/info The 'singapore' application is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed...

OpenFAQ 0.4 - 'Validate.php' HTML Injection

source: https://www.securityfocus.com/bid/17860/info OpenFAQ is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context...

MyBloggie 2.1.22.1.3 - BBCode IMG Tag HTML Injection

MyBloggie 2.1.22.1.3 - BBCode IMG Tag HTML Injection source: https://www.securityfocus.com/bid/17865/info MyBloggie is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplie...

liberoXSS.txt

--Security Report-- Advisory: libero.it XSS vulnerability - HTML injection --- Author: Davide Denicolo --- Date: 28/04/06 --- Contact: davidesecurityinfos.com --- Vendor: ItaliaOnLine S.r.l http://www.libero.it Service: Web Level: Low --- Description: Libero.it is a Web portal of big Italian ISP:...

CuteNews 1.4.1 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17850/info CuteNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the...

GLSA-200604-18 : Mozilla Suite: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200604-18 Mozilla Suite: Multiple vulnerabilities Several vulnerabilities were found in Mozilla Suite. Version 1.7.13 was released to fix them. Impact : A remote attacker could craft malicious web pages or emails that would levera...

geoBlog Mutiple XSS Vulnerability

Summary: Software: geoBlog Sowtware's Web Site: http://sourceforge.net/projects/bitdamaged/ Versions: MOD1.0 Issue: Our research team has been working arounf on this software since the last 2hrs and have come up succesfully with bug in the product .geoBLog is prone to multiple XSS vulnerability ....