Bitweaver 1.1/1.2 - 'Title' HTML Injection

source: https://www.securityfocus.com/bid/16973/info The bitweaver application is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in...

[SA19124] phpArcadeScript Cross-Site Scripting Vulnerabilities

TITLE: phpArcadeScript Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA19124 VERIFY ADVISORY: http://secunia.com/advisories/19124/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: phpArcadeScript 2.x http://secunia.com/product/8565/ phpArcadeScript 1.x...

RunCMS 1.x - Bigshow.php Cross-Site Scripting

RunCMS 1.x - Bigshow.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16970/info RunCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML...

HitHost 1.0 - 'viewuser.php?hits' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17025/info HitHost is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in th...

CutePHP CuteNews 1.4.1 - index.php Cross-Site Scripting

CutePHP CuteNews 1.4.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16961/info CuteNews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically...

phpArcadeScript 2.0 tellafriend.php gamename Parameter XSS

phpArcadeScript 2.0 tellafriend.php gamename Parameter XSS. CVE-2006-1082. Webapps exploit for php platform source: http://www.securityfocus.com/bid/16957/info phpArcadeScript is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of...

phpArcadeScript 2.0 browse.php Multiple Parameter XSS

phpArcadeScript 2.0 browse.php Multiple Parameter XSS. CVE-2006-1082. Webapps exploit for php platform source: http://www.securityfocus.com/bid/16957/info phpArcadeScript is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of...

SpeedTouchXSS.txt

TITLE: Thomson SpeedTouch 500 series vulnerable to XSS CRITICAL: Less critical IMPACT: Cross Site Scripting SOFTWARE: SpeedTouch 5.3.2.6.0 DESCRIPTION: There consists a vulnerability in the SpeedTouch modems, which can be exploited by malicious people to conduct cross-site scripting attacks, and...

QwikiWiki 1.4 - index.php Cross-Site Scripting

QwikiWiki 1.4 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16874/info QwikiWiki is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

Woltlab Burning Board 1.1.12.x - galerie_onfly.php Cross-Site Scripting

Woltlab Burning Board 1.1.12.x - galerieonfly.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16843/info Woltlab Burning Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker ma...

Woltlab Burning Board 1.1.1/2.x - 'galerie_onfly.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16843/info Woltlab Burning Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the...

Woltlab Burning Board 1.1.12.x - galerie_index.php?Username Cross-Site Scripting

Woltlab Burning Board 1.1.12.x - galerieindex.php?Username Cross-Site Scripting source: https://www.securityfocus.com/bid/16843/info Woltlab Burning Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An...

PEHEPE Membership Management System 3.0 - Sol_menu.php Cross-Site Scripting

PEHEPE Membership Management System 3.0 - Solmenu.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16885/info PEHEPE Membership Management System is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplie...

runcmsXSS.txt

KAPDA::27 - Runcms 1.x CrossSiteScripting vulnerability KAPDA New advisory Vulnerable products : Runcms 1.x Vendor: www.runcms.org Risk: Low Vulnerabilities: CrossSiteScripting Discoverd by Roozbeh Afrasiabi roozbehatyahoodotcom www.kapda.ir www.persiax.com Date : -------------------- Found : Jan...

PEHEPE Membership Management System 3.0 - 'Sol_menu.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16885/info PEHEPE Membership Management System is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

Battleaxe Software BttlxeForum 2.0 - Failure.asp Cross-Site Scripting

Battleaxe Software BttlxeForum 2.0 - Failure.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/16821/info Battleaxe Software's bttlxeForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input...

JGS-Gallery 4.0 - jgs_galerie_slideshow.php Multiple Cross-Site Scripting Vulnerabilities

JGS-Gallery 4.0 - jgsgalerieslideshow.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An...

NOCC 1.0 - error.php?html_error_occurred Cross-Site Scripting

NOCC 1.0 - error.php?htmlerroroccurred Cross-Site Scripting source: https://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can explo...

JGS-Gallery 4.0 - 'jgs_galerie_slideshow.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of ...

NOCC 1.0 - no_mail.php?html_no_mail Cross-Site Scripting

NOCC 1.0 - nomail.php?htmlnomail Cross-Site Scripting source: https://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit the...