Cezanne 6.5.1/7 - CznCustomContainer.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28772/info Cezanne Software is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Authenticated attackers may leverage these issues to execute arbitrary scrip...

phpArcadeScript 2.0 displaygame.php gamefile Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16957/info phpArcadeScript is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary...

phpMyForum 4.0 index.php type Variable CRLF Injection

No description provided by source. source: http://www.securityfocus.com/bid/17420/info phpMyForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

MilliScripts 'dir.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27078/info MilliScripts is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

phpMyAdmin 2.x Multiple Script Array Handling Path Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

TinyPHPForum 3.6 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17553/info TinyPHPForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to ha...

Blog Torrent 0.80 BTDownload.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11839/info It is reported that Blog Torrent is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a...

jira 4.4.3, greenhopper < 5.9.8 - Multiple Vulnerabilities

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CVE-2012-1500, Stored XSS in JIRA v4.4.3663-r165197, GreenHopper Resolved in Version 5.9.8, Proof of Concept External References: CVE-2112-1500 CVE-2112-1500 XSS.Cx Blog GHS-5642 Reported to Vendor on Mar 7, 2012,...

ReBB 1.0 Image Tag Cross-Agent Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4220/info ReBB is web forum software which will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is written in PHP and may be back-ended by a number of databases. ReBB allows users t...

phpFaber CMS 1.3.36 'module.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37329/info phpFaber CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Verylost LostBook 1.1 Message Entry HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10825/info Reportedly Verylost lostBook is affected by an HTML injection vulnerability in its message entry functionality. This issue is due to a failure of the application to properly validate and sanitize user-supplied...

TGS Content Management 0.3.2r2 index.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30157/info TGS Content Management is prone to an HTML-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...

ImageVue 1.7 - popup.php path Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

Imatix Xitami 2.5 Server Side Includes Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10778/info It is reported that Imatix Xitami is affected by a cross-site scripting vulnerability in the server side includes test script. This issue is due to a failure of the application to properly sanitize user-supplie...

Aruba MC-800 Mobility Controller Screens Directory HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26465/info Aruba MC-800 Mobility Controller is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML and...

CuteNews 1.4.5 show_news.php Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

Intel Graphics Accelerator Driver Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16127/info The Intel Graphics Accelerator driver is susceptible to a remote denial of service vulnerability. This issue is demonstrated to occur when the affected driver attempts to display an overly long text in a text...

TFTgallery 0.13 'sample' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36898/info TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...

OneWorldStore DisplayResults.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13251/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

Active Calendar 1.2 data/y_3.php css Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...