EasyPHPCalendar 6.1.56.2.x - calendar.php?serverPath Remote File Inclusion

EasyPHPCalendar 6.1.56.2.x - calendar.php?serverPath Remote File Inclusion source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. ...

Xoops < 2.0.12 Multiple XSS / SQL Injection

Binary data 3041.prm...

Community Server Forums - SearchResults.aspx Cross-Site Scripting

Community Server Forums - SearchResults.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/14078/info Community Server Forums is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker...

Hosting Controller 6.1 - error.asp Cross-Site Scripting

Hosting Controller 6.1 - error.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/14080/info Hosting Controller is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'error.asp' script. A...

Whois.Cart 2.2.x - profile.php Cross-Site Scripting

Whois.Cart 2.2.x - profile.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14044/info Whois.Cart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

Whois.Cart 2.2.x - &#039;profile.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/14044/info Whois.Cart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...

CVE-2002-1673

The CVE-2002-1673 issue affects Webmin 0.92: the web interface fails to properly quote/filter script code in files shown to the interface, enabling local users to run scripts and potentially steal cookies by inserting script into files or fields such as a real user name entry in /etc/passwd. The ...

PAFaq - Question Cross-Site Scripting

PAFaq - Question Cross-Site Scripting source: https://www.securityfocus.com/bid/14001/info paFaq is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scri...

I-Gallery - Folder Argument Cross-Site Scripting

source: https://www.securityfocus.com/bid/14002/info i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'folder' parameter of 'folderview.asp'. An attacker may leverage this issue to have...

UApplication Ublog Reload 1.0.5 - &#039;Trackback.asp&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/13994/info Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser...

[SA15747] Ublog Reload SQL Injection and Cross-Site Scripting

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

RaXnet Cacti 0.5/0.6/0.8 - &#039;Top_Graph_Header.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/14030/info RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'topgraphheader.php' script. An attacker may leverage...

ATutor 1.4.3 - &#039;browse.php?show_course&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed...

Ultimate PHP Board 1.8/1.9 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/13971/info Ultimate PHP Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script...

ATutor 1.4.3 - Directory.php Multiple Cross-Site Scripting Vulnerabilities

ATutor 1.4.3 - Directory.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...

Annuaire 1Two 1.01.1 - index.php Cross-Site Scripting

Annuaire 1Two 1.01.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13961/info Annuaire 1Two is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issu...

Microsoft Internet Explorer Unspecified DigWebX ActiveX Control Vulnerability

Description Microsoft Internet Explorer is prone to an unspecified vulnerability in the DigWebX ActiveX control. The vendor has not released any further information about this vulnerability other than to state the "kill bit" has been set on unsupported versions of the control. Technologies Affect...

Microsoft Exchange Server Outlook Web Access HTML Injection Vulnerability

Description Outlook Web Access is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the affected application of an unsuspecting user in...

Microsoft Outlook Web Access vulnerable to cross-site scripting

Overview Microsoft Outlook Web Access may be vulnerable to cross-site scripting attacks. Description Microsoft Outlook Web Access OWA allows users to access their email accounts on a Microsoft Exchange server from another host through a web browser.Microsoft Outlook Web Access for Exchange Server...

Singapore 0.9.11 Beta Image Gallery - &#039;index.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/13938/info Singapore image gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in...