RedKernel Referrer Tracker 1.1.0-3 - Rkrt_stats.php Cross-Site Scripting

RedKernel Referrer Tracker 1.1.0-3 - Rkrtstats.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16266/info Referrer Tracker is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker m...

Faq-O-Matic 2.711 - Multiple Cross-Site Scripting Vulnerabilities

Faq-O-Matic 2.711 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16251/info Faq-O-Matic is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...

GTP iCommerce - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16255/info GTP iCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitat...

Ultimate Auction 3.67 - Item.pl Cross-Site Scripting

source: https://www.securityfocus.com/bid/16239/info Ultimate Auction is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

Web Host Automation Ltd. Helm 3.2.8 - 'ForgotPassword.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16234/info Helm is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

[eVuln] Foxrum BBCode XSS Vulnerabilty

New eVuln Advisory: Foxrum BBCode XSS Vulnerabilty --------------------Summary---------------- Software: Foxrum Sowtware's Web Site: http://www.foxrum.fr.st/ Versions: 4.0.4f Critical Level: Harmless Type: Cross-Site Scripting Class: Remote Status: Unpatched Exploit: Available Solution: Available...

WebWiz Forums - Search_form.asp Cross-Site Scripting

WebWiz Forums - Searchform.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/16196/info WebWiz Forums is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue ...

aolXSS.txt

Title: AOL Multiple Cross Site Scripting Author: Simo Ben youssef aka 6mOHaCk Discovered: 26 December 2005 Published: 7 January 2006 MorX Security Research Team http://www.morx.org Service: Web Vendor: AOL.com Vulnerability: Cross Site Scripting / Cookie-Theft / Relogin attacks Severity:...

Hummingbird Collaboration - Application Cookie Internal Network Information Disclosure

source: https://www.securityfocus.com/bid/16195/info Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities. The following specific issues were identified: The application reportedly allows remote attackers to upload arbitrary HTML files and script code to the application...

WebWiz Forums - 'Search_form.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16196/info WebWiz Forums is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...

Hummingbird Collaboration - Crafted URL File Property Obscuration Download

source: https://www.securityfocus.com/bid/16195/info Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities. The following specific issues were identified: The application reportedly allows remote attackers to upload arbitrary HTML files and script code to the application...

PHP-Nuke News Submission Story - Text Field Cross-Site Scripting

PHP-Nuke News Submission Story - Text Field Cross-Site Scripting source: https://www.securityfocus.com/bid/16192/info The PHPNuke Pool and News Modules are prone to an HTML injection vulnerability. This issue is due to a failure in the application modules to properly sanitize user-supplied input...

EV0019.txt

New eVuln Advisory: NavBoard BBcode XSS Vulnerability --------------------Summary---------------- Vendor: NavBoard Vendor's Web Site: http://navarone.f2o.org/ Software: NavBoard Sowtware's Web Site: http://sourceforge.net/projects/navboard/ Versions: checked: V16 Stable2.6.0 and V17beta2 Critical...

DiscusWare Discus 3.10 - Error Message Cross-Site Scripting

source: https://www.securityfocus.com/bid/16119/info DiscusWare Discus is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...

Drupal 4.x - URL-Encoded Input HTML Injection

Drupal 4.x - URL-Encoded Input HTML Injection source: https://www.securityfocus.com/bid/16117/info Drupal is prone to an HTML injection vulnerability when handling URL-encoded HTML and script code in message content. This issue is due to a failure in the application to properly sanitize...

Ades Design AdesGuestbook 2.0 Read Script - Cross-Site Scripting

source: https://www.securityfocus.com/bid/16090/info Ades Design AdesGuestbook is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities

Kayako SupportSuite 3.0 0.26 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16094/info Kayako SupportSuite is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the...

OOApp Guestbook 2.1 Home Script - Cross-Site Scripting

source: https://www.securityfocus.com/bid/16091/info OOApp Guestbook is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16073/info FatWire UpdateEngine is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may...

MyBB 1.0.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16387/info MyBB is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...