Imatix Xitami 2.5 - Server-Side Includes Cross-Site Scripting

Imatix Xitami 2.5 - Server-Side Includes Cross-Site Scripting source: https://www.securityfocus.com/bid/10778/info It is reported that Imatix Xitami is affected by a cross-site scripting vulnerability in the server side includes test script. This issue is due to a failure of the application to...

Microsoft Internet Explorer 6 - Shell.Application Object Script Execution

Microsoft Internet Explorer 6 - Shell.Application Object Script Execution source: https://www.securityfocus.com/bid/10652/info Microsoft Internet Explorer is reported prone to a security weakness that may permit malicious HTML documents the ability to execute script code. This script code has the...

Liferay Cross Site Scripting Flaw

Advisory Name: Liferay Cross Site Scripting flaw Release Date: 05/22/2004 Application: Liferay www.liferay.com Author: Sandeep Giri Vendor Status: Notified 4 months ago Overview: Taken from http://www.liferay.com/products/index.jsp Liferay Enterprise Portal was designed to: Provide organizations...

Fusionphp Fusion News 3.6.1 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/10203/info An attacker may be capable of executing arbitrary script code in a browser of a target user and within the context of a visited web site. This may potentially lead to theft of cookie based authentication credentials, other attacks are also...

AzDGDatingLite 2.1.1 - 'index.php?language' Cross-Site Scripting

source: https://www.securityfocus.com/bid/10084/info Multiple cross-site scripting vulnerabilities have been reported in AzDGDatingLite. These issues may be exploited by enticing a victim user to visit a malicious link that includes hostile HTML and script code. Exploitation could facilitate thef...

WebCT Campus Edition 3.84.x - HTML Injection

WebCT Campus Edition 3.84.x - HTML Injection source: https://www.securityfocus.com/bid/9999/info It has been reported that WebCT Campus Edition may be prone to an HTML injection vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in the browser of an unsuspecti...

XMB Forum 1.8 - BBcode align Tag Cross-Site Scripting

XMB Forum 1.8 - BBcode align Tag Cross-Site Scripting source: https://www.securityfocus.com/bid/9726/info XMB Forum has been reported prone to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The issues present themselves due to insufficient sanitization of remote...

EZBoard 7.3 - Font Tag HTML Injection

source: https://www.securityfocus.com/bid/9725/info ezboard is prone to an HTML injection vulnerability. An attacker may exploit this issue by including hostile HTML and script code encapsulated in font tags of posts to the bulletin board. This code may be rendered in the web browser of a user wh...

WebCortex WebStores2000 - 'error.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/9693/info It has been reported that WebStores2000 is prone to a cross-site scripting vulnerability. This issue is reportedly due to a failure to sanitize user input and so allow HTML and script code that may facilitate cross-site scripting attacks...

Mambo Open Source 4.6 - 'Itemid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/9588/info It has been reported that Mambo Open Source may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in a user's browser. The issue exists in the 'Itemid' parameter of...

Microsoft Internet Explorer Mouse Click Event Hijacking Vulnerability

Description A vulnerability exists in Internet Explorer when handling specific DHTML events, allowing a malicious Web page to intercept mouse click events to perform unintended drag and drop operations. In particular, it is possible to simulate a mouse drag and drop event through use of the moveB...

OpenAutoClassifieds 1.0 - Listing Cross-Site Scripting

OpenAutoClassifieds 1.0 - Listing Cross-Site Scripting source: https://www.securityfocus.com/bid/8972/info It has been reported that OpenAutoClassifieds is prone to a cross-site scripting vulnerability. The issue is reported to exist due insufficient sanitization of user-supplied data through the...

Microsoft Internet Explorer 6 - Scrollbar-Base-Color Partial Denial of Service

source: https://www.securityfocus.com/bid/8874/info It has been reported that Microsoft Internet Explorer is prone to a vulnerability that may allow an attacker to cause a denial of service condition in the software. The problem occurs due to improper handling of scrollbar-base-color attribute of...

WebCalendar 0.9.x colors.php color XSS

WebCalendar 0.9.x colors.php color XSS. Webapps exploit for php platform source: http://www.securityfocus.com/bid/8539/info It has been reported that WebCalendar is prone to multiple cross-site scripting vulnerabilites in various modules. The issues exist in includes/js/colors.php, week.php,...

DCForum+ 1.2 - 'Subject' HTML Injection

source: https://www.securityfocus.com/bid/8384/info DCForum+ is prone to an HTML injection vulnerability. An attacker may exploit this issue by including hostile HTML and script code in the subject field of posts to the bulletin board. This is because the script that processes posts does not...

CPanel 5.05.36.x - Admin Interface HTML Injection

CPanel 5.05.36.x - Admin Interface HTML Injection source: https://www.securityfocus.com/bid/8119/info cPanel is prone to an HTML injection vulnerability. It is possible for remote attacks to include hostile HTML and script code in requests to cPanel, which will be logged. When logs are viewed by ...

XMB Forum 1.8 - member.php?member Cross-Site Scripting

XMB Forum 1.8 - member.php?member Cross-Site Scripting source: https://www.securityfocus.com/bid/8013/info XMB Forum has been reported prone to multiple cross-site scripting and HTML-injection vulnerabilities because the application fails to sanitize user-supplied data. An attacker may exploit an...

WebChat 2.0 - users.php Cross-Site Scripting

WebChat 2.0 - users.php Cross-Site Scripting source: https://www.securityfocus.com/bid/7779/info WebChat has been reported prone to a cross-site scripting vulnerability. WebChat does not adequately filter script code from URI parameters, making it prone to cross-site scripting attacks...

WebChat 2.0 - 'users.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/7779/info WebChat has been reported prone to a cross-site scripting vulnerability. WebChat does not adequately filter script code from URI parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a...

Bandmin 1.4 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/7729/info It has been reported that a cross-site scripting vulnerability exists in Bandmin. Because of this, an attacker may be able to execute script code or HTML in the context of the site hosting Bandmin by enticing a web user to follow a malicious lin...