MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/14751/info MAXdev MD-Pro is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...

Unclassified NewsBoard 1.5.3 - Description HTML Injection

Unclassified NewsBoard 1.5.3 - Description HTML Injection source: https://www.securityfocus.com/bid/14748/info Unclassified NewsBoard is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content...

Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection

source: https://www.securityfocus.com/bid/14748/info Unclassified NewsBoard is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed i...

Land Down Under 601/602/700/701/800/801 - 'events.php' HTML Injection

source: https://www.securityfocus.com/bid/14746/info Land Down Under is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code wou...

Simple Machines Forum < 1.0.7 Code Injection

Binary data 3198.prm...

SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection

SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection source: https://www.securityfocus.com/bid/14676/info SqWebMail is affected by a vulnerability that may allow remote attackers to inject and execute arbitrary script code in a user's browser. This may allow for various attacks including session...

SqWebMail 5.0.4 - HTML Email IMG Tag Script Injection

source: https://www.securityfocus.com/bid/14676/info SqWebMail is affected by a vulnerability that may allow remote attackers to inject and execute arbitrary script code in a user's browser. This may allow for various attacks including session hijacking due to the theft of user credentials...

phpMyAdmin 2.x - error.php Cross-Site Scripting

phpMyAdmin 2.x - error.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14675/info phpMyAdmin is prone to a cross-site scripting vulnerability. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the software. Such an attack woul...

phpMyAdmin 2.x - &#039;error.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/14675/info phpMyAdmin is prone to a cross-site scripting vulnerability. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the software. Such an attack would require that the victim follows a malicious li...

Coppermine Photo Gallery EXIF Data XSS

According to its banner, the version of Coppermine Gallery installed on the remote host is prone to cross-site scripting attacks because it does not sanitize malicious EXIF data stored in image files. Using a specially crafted image file, an attacker can exploit this flaw to cause arbitrary HTML...

Foojan PHPWeblog - Html Injection

source: https://www.securityfocus.com/bid/14658/info Foojan PHPWeblog is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input. Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially...

SaveWebPortal 3.4 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/14642/info SaveWebPortal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...

PerlDiver 2.31 - Perldiver.cgi Cross-Site Scripting

PerlDiver 2.31 - Perldiver.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/14894/info PerlDiver is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

Land Down Under 800 - &#039;journal.php?w&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/14619/info Land Down Under is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...

ATutor 1.5.1 - &#039;login.php?course&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/14598/info ATutor is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

jawsGlossary.txt

XSS Bug in Jaws Glossary v 0.4 - 0.5.1 latest version STATUS: The vendor has been contacted, fixed in cvs. Jaws is a Framework and Content Management System for building dynamic web sites. It aims to be User Friendly giving ease of use and lots of ways to customize web sites, but at the same time...

VegaDNS 0.8.1/0.9.8/0.9.9 - &#039;index.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/14538/info VegaDNS is vulnerable to cross-site scripting attacks. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

[SA16365] Chipmunk Forum &quot;fontcolor&quot; Cross-Site Scripting Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

Invision Power Board (IP.Board) 1.0.3 - Attached File Cross-Site Scripting

Invision Power Board IP.Board 1.0.3 - Attached File Cross-Site Scripting source: https://www.securityfocus.com/bid/14492/info Invision Power Board is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An...

FunkBoard 0.66 - &#039;editpost.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/14507/info FunkBoard is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...