JGS-Gallery 4.0 - 'Board jgs_galerie_scroll.php?userid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of ...

NOCC 1.0 - filter_prefs.php?html_filter_select Cross-Site Scripting

NOCC 1.0 - filterprefs.php?htmlfilterselect Cross-Site Scripting source: https://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can...

PHPX 3.5.9 - XCode Tag HTML Injection

source: https://www.securityfocus.com/bid/16799/info PHPX is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of the...

NOCC 1.0 - 'html_bottom_table.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject arbitrary PHP code and execute it ...

NOCC 1.0 - 'no_mail.php?html_no_mail' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject arbitrary PHP code and execute it ...

Dragonfly CMS 9.0.6.1 Stories_Archive Module - Multiple Cross-Site Scripting Vulnerabilities

Dragonfly CMS 9.0.6.1 StoriesArchive Module - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16784/info Dragonfly is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage...

myPHPNuke 1.8.8 - download.php Cross-Site Scripting

myPHPNuke 1.8.8 - download.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16815/info MyPHPNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage the...

Dragonfly CMS 9.0.6.1 Downloads Module - c Cross-Site Scripting

Dragonfly CMS 9.0.6.1 Downloads Module - c Cross-Site Scripting source: https://www.securityfocus.com/bid/16784/info Dragonfly is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitra...

SquirrelMail < 1.4.6 Multiple Vulnerabilities

The installed version of SquirrelMail fails to sanitize user-supplied input to mailbox names before passing them to an IMAP server. An unauthenticated attacker may be able to leverage this issue to launch attacks against the underlying IMAP server or against a user's mailboxes by tricking him int...

myPHPNuke 1.8.8 - &#039;download.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/16815/info MyPHPNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

Dragonfly CMS 9.0.6.1 Coppermine Module - &#039;album&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/16784/info Dragonfly is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in...

SquirrelMail < 1.4.7 Multiple Vulnerabilities

Binary data 3441.prm...

EV0080.txt

New eVuln Advisory: M. Blom HTML::BBCode perl module XSS Vulnerabilities http://evuln.com/vulns/80/summary.html --------------------Summary---------------- eVuln ID: EV0080 Software: M. Blom HTML::BBCode Sowtware's Web Site: http://menno.b10m.net/perl/ Versions: 1.04 1.03 and earlier Critical...

MyBB 1.0.3 - Managegroup.php Cross-Site Scripting

MyBB 1.0.3 - Managegroup.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16692/info MyBB is prone to a cross-site scripting vulnerability.. This issue is due to a lack of proper sanitization of user-supplied input. An attacker may leverage this issue to have arbitrary script co...

MyBB 1.0.3 - &#039;Managegroup.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/16692/info MyBB is prone to a cross-site scripting vulnerability.. This issue is due to a lack of proper sanitization of user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user...

HTML::BBCode 1.03/1.04 - HTML Injection

source: https://www.securityfocus.com/bid/16680/info HTML::BBCode is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would ...

Gastebuch 1.3.2 - Cross-Site Scripting

Gastebuch 1.3.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/16615/info Gastebuch is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML...

Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/16607/info Clever Copy is prone to multiple HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...

CyberShop Ultimate E-Commerce - Multiple Cross-Site Scripting Vulnerabilities

CyberShop Ultimate E-Commerce - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16473/info CyberShop Ultimate E-commerce is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize...

CyberShop Ultimate E-Commerce - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16473/info CyberShop Ultimate E-commerce is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issue to have arbitrary scrip...