MyBloggie 2.1.22.1.3 - edituser.php Cross-Site Scripting

MyBloggie 2.1.22.1.3 - edituser.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverag...

DCP-Portal 3.7/4.x/5.x/6.x - 'forums.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

MyBloggie 2.1.2/2.1.3 - 'deluser.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

MyBloggie 2.1.22.1.3 - del.php Cross-Site Scripting

MyBloggie 2.1.22.1.3 - del.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage the...

DCP-Portal 3.74.x5.x6.x - index.php Multiple Cross-Site Scripting Vulnerabilities

DCP-Portal 3.74.x5.x6.x - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied inpu...

MyBloggie 2.1.2/2.1.3 - 'upload.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17048/info MyBloggie is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

ADP Forum 2.0.x - Subject HTML Injection

ADP Forum 2.0.x - Subject HTML Injection source: https://www.securityfocus.com/bid/17047/info ADP Forum is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...

DCP-Portal 3.7/4.x/5.x/6.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

TextFileBB 1.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17029/info The 'textfileBB' application is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrar...

LoudBlog 0.41 - backend_settings.php Traversal Arbitrary File Access

LoudBlog 0.41 - backendsettings.php Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure...

LoudBlog 0.41 - 'backend_settings.php' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote attackers to execute arbitrary PHP...

LoudBlog 0.41 - 'index.php?template' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote attackers to execute arbitrary PHP...

MPCS 0.2 - comment.php Cross-Site Scripting

MPCS 0.2 - comment.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18470/info MPCS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

Game-Panel 2.6 - 'login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16979/info Game-Panel is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. An attacker may leverage this iss...

DVGuestbook 1.0/1.2.2 - 'dv_gbook.php?f' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16968/info DVGuestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed i...

[KAPDA::#31] - Runcms 1.x Cross_Site_Scripting vulnerability in bigshow.php

KAPDA::31 - Runcms 1.x CrossSiteScripting vulnerability in bigshow.php KAPDA New advisory Vulnerable products : Runcms 1.x Vendor: www.runcms.org Risk: Low Vulnerabilities: CrossSiteScripting Discoverd by Roozbeh Afrasiabi roozbehatyahoodotcom www.kapda.ir www.persiax.com Date :...

Qto File Manager 1.0 - index.php Cross-Site Scripting

Qto File Manager 1.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18510/info Qto file manager is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

evoBlog Remote Name tag Script injection

DESCRIPTION evoBlog is prone to HTML injection attacks. It is possible for a malicious evoBlog user to inject hostile HTML and script code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of evoBlog. evoBlog does not adequately...

Qto File Manager 1.0 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18510/info Qto file manager is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...

Game-Panel 2.6 - login.php Cross-Site Scripting

Game-Panel 2.6 - login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16979/info Game-Panel is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated...