SPIP 1.8/1.9 - 'index.php3' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16461/info SPIP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

SPIP 1.81.9 - index.php3 Cross-Site Scripting

SPIP 1.81.9 - index.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/16461/info SPIP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...

vBulletin 3.5.2 - Event Title HTML Injection

vBulletin 3.5.2 - Event Title HTML Injection source: https://www.securityfocus.com/bid/16116/info vBulletin is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

Cerberus Helpdesk 2.7 - Clients.php Cross-Site Scripting

Cerberus Helpdesk 2.7 - Clients.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16439/info Cerberus Helpdesk is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage th...

Cerberus Helpdesk 2.7 - 'Clients.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16439/info Cerberus Helpdesk is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

[SA18672] sPaiz-Nuke "query" Cross-Site Scripting Vulnerability

TITLE: sPaiz-Nuke "query" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA18672 VERIFY ADVISORY: http://secunia.com/advisories/18672/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: sPaiz-Nuke http://secunia.com/product/7180/ DESCRIPTION: NightWarrior h...

sPaiz-Nuke - modules.php Cross-Site Scripting

sPaiz-Nuke - modules.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16412/info sPaiz-Nuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

Mozilla Firefox 1.0/1.5 XBL - MOZ-BINDING Property Cross-Domain Scripting

source: https://www.securityfocus.com/bid/16427/info Mozilla Firefox is prone to a security vulnerability that may let a Web page execute malicious script code in the context of an arbitrary domain. The issue affects the '-moz-binding' property. This could allow a malicious site to access the...

GLSA-200601-13 : Gallery: XSS vulnerability

The remote host is affected by the vulnerability described in GLSA-200601-13 Gallery: XSS vulnerability Peter Schumacher discovered that Gallery fails to sanitize the fullname set by users, possibly leading to a cross-site scripting vulnerability. Impact : By setting a specially crafted fullname,...

CheesyBlog-1.0.txt

New eVuln Advisory: CheesyBlog XSS Vulnerability http://evuln.com/vulns/49/summary.html --------------------Summary---------------- Software: CheesyBlog Sowtware's Web Site: http://cheesepizza.net/ Versions: 1.0 Critical Level: Harmless Type: Cross-Site Scripting Class: Remote Status: Unpatched...

My Little Homepage Products - BBCode Link Tag Script Injection

My Little Homepage Products - BBCode Link Tag Script Injection source: https://www.securityfocus.com/bid/16395/info My Little Homepage Web log, guestbook, and forum are prone to a script injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied...

My Little Homepage Products - BBCode Link Tag Script Injection

source: https://www.securityfocus.com/bid/16395/info My Little Homepage Web log, guestbook, and forum are prone to a script injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

MyBB 1.0.1/1.0.2 Notepad - 'usercp.php' HTML Injection

source: https://www.securityfocus.com/bid/16361/info MyBB is prone to an HTML-injection vulnerability. This issue is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the contex...

PixelPost 1.4.3 - User Comment HTML Injection

source: https://www.securityfocus.com/bid/16362/info Pixelpost is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...

[Full-disclosure] RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability

OS2A RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability OS2A ID: OS2A1004 Status 01/06/2006 Issue Discovered 01/06/2006 Reported to the vendor 01/19/2006 Patch Released 01/20/2006 Advisory Released Class: Denial of Service / Script Injection Severity: CRITICAL...

Rockliffe MailSite 5.3.4/6.1.22/7.0.3 - HTTP Mail Management Cross-Site Scripting

source: https://www.securityfocus.com/bid/16330/info MailSite is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...

[eVuln] aoblogger Multiple Vulnerabilities

New eVuln Advisory: aoblogger Multiple Vulnerabilities http://evuln.com/vulns/37/summary/bt/ --------------------Summary---------------- Software: aoblogger Sowtware's Web Site: http://mikeheltonisawesome.com/ Versions: 2.3 Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote...

PowerPortal 1.11.3 - index.php Cross-Site Scripting

PowerPortal 1.11.3 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16279/info PowerPortal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

PowerPortal 1.11.3 - search.php Cross-Site Scripting

PowerPortal 1.11.3 - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16279/info PowerPortal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities

GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16255/info GTP iCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspectin...