6664 matches found
MegaBook 2.0/2.1 - 'Admin.cgi?EntryID' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13522/info MegaBook is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...
Invision Power Board index.php Multiple Parameter XSS
The version of Invision Power Board installed on the remote host suffers from a cross-site scripting vulnerability due to its failure to sanitize user input via the 'act' parameter to the 'index.php' script. An unauthenticated attacker can exploit this flaw by injecting malicious HTML and script...
MidiCart PHP - 'Item_List.php?SecondGroup' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13517/info MidiCart PHP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser...
CVE-2005-1331
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters su...
Gossamer Threads Links 2.x - 'User.cgi' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13484/info Gossamer Threads Links is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in t...
WebCrossing WebX 5.0 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/13482/info WebCrossing is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser ...
GLSA-200505-01 : Horde Framework: Multiple XSS vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200505-01 Horde Framework: Multiple XSS vulnerabilities Cross-site scripting vulnerabilities have been discovered in various modules of the Horde Framework. Impact : These vulnerabilities could be exploited by an attacker to execu...
Just William's Amazon Webstore - 'searchFor' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13426/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...
Just Williams Amazon Webstore - searchFor Cross-Site Scripting
source: https://www.securityfocus.com/bid/13426/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverag...
Just Williams Amazon Webstore - Closeup.php?Image Cross-Site Scripting
source: https://www.securityfocus.com/bid/13419/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...
Just William's Amazon Webstore - 'Closeup.php?Image' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13419/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...
Horde Chora common-footer.inc Page Title XSS
According to its version, the remote installation of Chora fails to fully sanitize user-supplied input when setting the parent frame's page title by JavaScript in 'templates/common-footer.inc'. By leveraging this flaw, an attacker may be able to inject arbitrary HTML and script code into a user's...
WoltLab Burning Board 2.3.1 - 'PMS.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13353/info WoltLab Burning Board is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in th...
CartWIZ 1.10 - searchresults.asp Name Argument Cross-Site Scripting
source: https://www.securityfocus.com/bid/13343/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...
CartWIZ 1.10 - 'searchresults.asp' SKU Argument Cross-Site Scripting
source: https://www.securityfocus.com/bid/13342/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
CartWIZ 1.10 - 'AddToWishlist.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13337/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
CartWIZ 1.10 - 'login.asp' Redirect Argument Cross-Site Scripting
source: https://www.securityfocus.com/bid/13340/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
CartWIZ 1.10 - 'error.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13339/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
phpBB 2.0.x - 'profile.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13344/info phpBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...
CartWIZ 1.10 - 'TellAFriend.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13336/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...