321soft PHP-Gallery 0.9 - index.php?path Cross-Site Scripting

321soft PHP-Gallery 0.9 - index.php?path Cross-Site Scripting source: https://www.securityfocus.com/bid/17812/info PhP-Gallery is prone to an information-disclosure vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize...

321soft PHP-Gallery 0.9 - index.php?path Arbitrary Directory Listing

321soft PHP-Gallery 0.9 - index.php?path Arbitrary Directory Listing source: https://www.securityfocus.com/bid/17812/info PhP-Gallery is prone to an information-disclosure vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly...

Albinator 2.0.8 - showpic.php?preloadSlideShow Cross-Site Scripting

Albinator 2.0.8 - showpic.php?preloadSlideShow Cross-Site Scripting source: https://www.securityfocus.com/bid/17826/info Albinator is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issue...

ZenPhoto 0.91.0 - index.php Multiple Cross-Site Scripting Vulnerabilities

ZenPhoto 0.91.0 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17779/info Zenphoto is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these...

JSBoard 2.0.10/2.0.11 - 'login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17778/info JSBoard is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...

GeoBlog MOD_1.0 - 'viewcat.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17784/info GeoBlog is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...

XDT Pro 2.3 - 'stats.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17781/info XDT Pro is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...

JSBoard 2.0.102.0.11 - login.php Cross-Site Scripting

JSBoard 2.0.102.0.11 - login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17778/info JSBoard is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

OrbitHYIP 2.0 - members.php?id Cross-Site Scripting

OrbitHYIP 2.0 - members.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/17766/info OrbitHYIP is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage the...

SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17770/info SunShop Shopping Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities

SunShop Shopping Cart 3.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17770/info SunShop Shopping Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...

W-Agora 4.2 - BBCode Script Injection

W-Agora 4.2 - BBCode Script Injection source: https://www.securityfocus.com/bid/17751/info W-Agora is prone to a script-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated content. W-Agora...

W-Agora 4.2 - BBCode Script Injection

source: https://www.securityfocus.com/bid/17751/info W-Agora is prone to a script-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated content. W-Agora can be configured to send all user...

Mozilla Suite: Multiple vulnerabilities

Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Description Several vulnerabilities were found in Mozilla Suite. Version 1.7.13 was released to fix them. Impact A remote attacker could craft malicious web pages or emails that would leverage...

trac -- Wiki Macro Script Insertion Vulnerability

Secunia reports: A vulnerability has been reported, which can be exploited by malicious people to conduct script insertion attacks. Input passed using the wiki macro isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed ...

NeoMail - 'NeoMail.pl?sessionid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17728/info NeoMail is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...

GLSA-200604-12 : Mozilla Firefox: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200604-12 Mozilla Firefox: Multiple vulnerabilities Several vulnerabilities were found in Mozilla Firefox. Versions 1.0.8 and 1.5.0.2 were released to fix them. Impact : A remote attacker could craft malicious web pages that would...

Farsinews 2.5.3 - Multiple Cross-Site Scripting Vulnerabilities

Farsinews 2.5.3 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17701/info FarsiNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An attacker may...

PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities

PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17688/info phpWebFTP is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input using the HTTP 'POST'...

NextAge Shopping Cart - Multiple HTML Injection Vulnerabilities

NextAge Shopping Cart - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/17685/info NextAge Shopping Cart is prone to multiple HTML-injection vulnerabilities; the application fails to properly sanitize user-supplied input before using it in dynamically generated...