Asn Guestbook 1.5 - header.php?version Cross-Site Scripting
source: https://www.securityfocus.com/bid/14356/info Asn Guestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
Pyrox Search 1.0.5 - 'Newsearch.php' Whatdoreplace Cross-Site Scripting
source: https://www.securityfocus.com/bid/14343/info A cross-site scripting vulnerability affects Pyrox Search. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages. An attacker may leverage this issu...
Pyrox Search 1.0.5 - Newsearch.php Whatdoreplace Cross-Site Scripting
source: https://www.securityfocus.com/bid/14343/info A cross-site scripting vulnerability affects Pyrox Search. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output ...
PHP-Fusion <= 6.00.105 Multiple Vulnerabilities
According to its banner, the remote host is running a version of PHP-Fusion that is affected by multiple vulnerabilities: - An Information Disclosure Vulnerability: PHP Fusion stores database backups in a known location within the web server's documents directory. An attacker may be able to...
tForum b0.9 - member.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/14303/info tForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
Mozilla Thunderbird: Multiple vulnerabilities
Background: Mozilla Thunderbird is the next-generation mail client from the Mozilla project. Description: The following vulnerabilities were found and fixed in Mozilla Thunderbird: "mozbugra4" and "shutdown" discovered that Thunderbird was improperly cloning base objects (MFSA 2005-56). "mozbugra4"...
Clever Copy 2.0 - calendar.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/14278/info A cross-site scripting vulnerability affects Clever Copy. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically...
Novell Groupwise 6.5 Webaccess - HTML Injection
source: https://www.securityfocus.com/bid/14310/info Novell GroupWise WebAccess is prone to an HTML injection vulnerability. This may be used to inject hostile HTML and script code into the Web mail application. When a user opens an email containing...
Clever Copy 2.0 - 'calendar.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14278/info A cross-site scripting vulnerability affects Clever Copy. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages. An attacker may leverage this issue...
Simple Message Board 2.0 beta1 - Forum.cfm Cross-Site Scripting
source: https://www.securityfocus.com/bid/14266/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may...
Simple Message Board 2.0 beta1 - 'Forum.cfm' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14266/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...
Simple Message Board 2.0 beta1 - 'Thread.cfm' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14268/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...
Simple Message Board 2.0 beta1 - Thread.cfm Cross-Site Scripting
source: https://www.securityfocus.com/bid/14268/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may...
Simple Message Board 2.0 beta1 - User.cfm Cross-Site Scripting
source: https://www.securityfocus.com/bid/14267/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may levera...
Simple Message Board 2.0 beta1 - 'User.cfm' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14267/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...
FreeBSD : horde -- Horde Page Title XSS Vulnerability (396ee517-a607-11d9-ac72-000bdb1444a4)
Secunia Advisory: SA14730 A vulnerability has been reported in Horde, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed when setting the parent frame's page title via JavaScript is not properly sanitised before being returned to the user. This can be...
SiteMinder 5.5 Multiple Script XSS
The remote host is running SiteMinder, an access-management solution from Netegrity / Computer Associates. The installed version of SiteMinder suffers from several cross-site scripting flaws in its 'smpwservicescgi.exe' and 'login.fcc' scripts. An attacker can exploit these flaws to inject...
PPA 0.5.6 - 'ppa_root_path' File Inclusion
source: https://www.securityfocus.com/bid/14209/info PPA is susceptible to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code on an affect...
IBM Lotus Domino Notes 6.06.5 - Mail Template Automatic Script Execution
source: https://www.securityfocus.com/bid/14164/info IBM Lotus Notes email client is prone to an input validation vulnerability. Reports indicate that HTML and JavaScript attached to received email messages is executed...
EasyPHPCalendar 6.1.5/6.2.x - 'datePicker.php?serverPath' Remote File Inclusion
source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-si...