6664 matches found
MediaWiki: Cross-site scripting vulnerability
Background: MediaWiki is a collaborative editing software, used by big projects like Wikipedia. Description: MediaWiki incorrectly handles page template inclusions, rendering it vulnerable to cross-site scripting attacks. Impact: A remote attacker could exploit this vulnerability to inject malicious...
Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13897/info Cerberus Helpdesk is affected by various cross-site scripting vulnerabilities. These issues could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile...
GLSA-200506-04 : Wordpress: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200506-04 Wordpress: Multiple vulnerabilities Due to a lack of input validation, WordPress is vulnerable to SQL injection and XSS attacks. Impact : An attacker could use the SQL injection vulnerabilities to gain information from t...
YaPiG 0.9x - 'view.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13875/info YaPiG is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...
Popper Webmail 1.41 - ChildWindow.Inc.php Remote File Inclusion
source: https://www.securityfocus.com/bid/13851/info Popper is affected by a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...
Calendarix 0.8.20071118 - Multiple SQL Injections Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13825/info Calendarix is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to properly sanitize...
Calendarix 0.8.20071118 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13825/info Calendarix is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting the SQL-injection issues could allow attackers to compromise t...
BEA WebLogic 7.08.1 - Administration Console LoginForm.jsp Cross-Site Scripting
source: https://www.securityfocus.com/bid/13793/info BEA WebLogic Server And WebLogic Express are affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitiz...
firefoxSploit-2.txt
Proof-of-Concept for Firefox 1.0.3 - by mozbugra4 // it needs chrome privilege to get |Components.stack| var code = "alert'Exploit!\n\n' + Components.stack;"; var evalCode = code.replace/'/g, '"'.replace/\/g, '\\'; var scriptCode = "arguments.callee.parent.eval'" + evalCode + "';'';"; var...
BookReview 1.0 - 'contact.htm?user' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
BookReview 1.0 - suggest_category.htm?node Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
BookReview 1.0 - add_review.htm Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...
BookReview 1.0 - 'search.htm?submit string' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
BookReview 1.0 - 'suggest_category.htm?node' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
BookReview 1.0 - 'add_contents.htm' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
BookReview 1.0 - add_classification.htm?isbn Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker ma...
BookReview 1.0 - add_contents.htm Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. ...
BookReview 1.0 - suggest_review.htm?node Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...
BookReview 1.0 - 'add_classification.htm?isbn' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
Sambar Server 5.x6.06.1 - results.stm indexname Cross-Site Scripting
source: https://www.securityfocus.com/bid/13722/info Sambar Server administrative interface does not adequately filter some HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to...