cPanel 9.1 - 'User' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13996/info It is reported that cPanel is prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to insufficient sanitization of user-supplied data vi...

cPanel 9.1 - User Cross-Site Scripting

cPanel 9.1 - User Cross-Site Scripting source: https://www.securityfocus.com/bid/13996/info It is reported that cPanel is prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to insufficien...

phpMyAdmin 2.x - 'queryframe.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15196/info phpMyAdmin is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

Serendipity < 0.8.1 Multiple Vulnerabilities

According to its banner, the version of Serendipity installed on the remote host is affected by multiple vulnerabilities : - Unauthorized File Upload Vulnerability There is a vulnerability that may allow editors to upload arbitrary media files when they otherwise would not be allowed to do so. -...

WordPress Core 1.5 - &#039;post.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/13663/info Wordpress is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of...

WordPress 1.5 - post.php Cross-Site Scripting

WordPress 1.5 - post.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13663/info Wordpress is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

JGS-Portal 3.0.1/3.0.2 - &#039;jgs_portal_mitgraf.php?year&#039; SQL Injection

source: https://www.securityfocus.com/bid/13650/info JGS-Portal is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of the SQL injection issues could...

MonoChat 1.0 - HTML Injection

source: https://www.securityfocus.com/bid/17983/info MonoChat is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the contex...

Skull-Splitter Guestbook 1.02.02.2 - Multiple HTML Injection Vulnerabilities

Skull-Splitter Guestbook 1.02.02.2 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/13632/info Skull-Splitter Guestbook is prone to multiple HTML injection vulnerabilities. It is possible to inject HTML and script code into the title and content of posted...

Skull-Splitter Guestbook 1.0/2.0/2.2 - Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/13632/info Skull-Splitter Guestbook is prone to multiple HTML injection vulnerabilities. It is possible to inject HTML and script code into the title and content of posted messages. The attacker-supplied HTML and script code would be able to access...

PHPHeaven PHPMyChat 0.14.5 - Start-Page.CSS.php3 Cross-Site Scripting

PHPHeaven PHPMyChat 0.14.5 - Start-Page.CSS.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/13627/info phpMyChat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

PHPHeaven PHPMyChat 0.14.5 - &#039;Start-Page.CSS.php3&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/13627/info phpMyChat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Ultimate PHP Board 1.8/1.9 - &#039;viewforum.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/13621/info Ultimate PHP Board is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

[SA15297] Quick.Cart &quot;sWord&quot; Cross-Site Scripting Vulnerability

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Quick.Cart "sWord" Cross-Site Scripting Vulnerability...

MyServer 0.8 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/13578/info myServer is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...

Invision Power Board < 2.0.4 Multiple Vulnerabilities (SQLi, XSS)

According to its banner, the version of Invision Power Board on the remote host suffers from multiple vulnerabilities : - SQL Injection Vulnerability The application fails to sanitize user-input supplied through the 'passhash' cookie in the 'sources/login.php' script, which can be exploited to...

phpBB 2.0.x - &#039;BBCode.php&#039; URL Tag

source: https://www.securityfocus.com/bid/13545/info The phpbb vendor reports that a critical vulnerability exists in the BBCode handling routines of the 'bbcode.php' script. The bbcode url tag is not properly sanitized of user-supplied input. This could permit the injection of arbitrary HTML or...

Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities

Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting vulnerabilities because the software fails to properly sanitize user-supplied data. Exploits will allow arbitrary HTML and script code to run in a victim's browser, allowing the attacker to steal cookie-based credentials a...

MidiCart PHP - Item_List.php?SecondGroup Cross-Site Scripting

MidiCart PHP - ItemList.php?SecondGroup Cross-Site Scripting source: https://www.securityfocus.com/bid/13517/info MidiCart PHP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage thi...

MidiCart PHP - &#039;Item_List.php?MainGroup&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/13518/info MidiCart PHP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser...