Clickcess ChitChat.NET name XSS
source: http://www.securityfocus.com/bid/8417/info It has been reported that an HTML injection issue exists in the Clickcess ChitChat.NET discussion forum software. The vulnerability is reported to be present in the Name and Topic Title text boxes. The problem ma...
JGS-Gallery 4.0 jgs_galerie_slideshow.php Multiple Parameter XSS
source: http://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary scrip...
JGS-Gallery 4.0 Board jgs_galerie_scroll.php userid Parameter XSS
source: http://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary scrip...
artmedic weblog artmedic_print.php date Parameter XSS
source: http://www.securityfocus.com/bid/27745/info artmedic webdesign weblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...
timobraun Dynamic Galerie 1.0 galerie.php id Parameter XSS
source: http://www.securityfocus.com/bid/17896/info Dynamic Galerie is prone to a directory-traversal vulnerability and a cross-site scripting vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attack...
DT_Guestbook 1.0 Index.PHP Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/22078/info The 'dtguestbook' program is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script co...
MyBlog 1.x - SQL Injection and Remote File Include Vulnerabilities
source: http://www.securityfocus.com/bid/28313/info MyBlog is prone to multiple input-validation vulnerabilities, including: - Multiple SQL-injection vulnerabilities - Multiple remote file-include vulnerabilities - A privilege-escalation vulnerability An attacke...
Mambo 4.6.2 Index.PHP Multiple Cross-Site Scripting Vulnerabilities
source: http://www.securityfocus.com/bid/26922/info Mambo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser o...
Novell GroupWise 7.0 - HTML Injection and Denial of Service Vulnerabilities
source: http://www.securityfocus.com/bid/28944/info Novell GroupWise is prone to an HTML-injection vulnerability and a denial-of-service vulnerability. By exploiting the HTML-injection vulnerability, attackers can execute HTML and script code in the context of t...
Vizra A_Login.PHP Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/17949/info Vizra is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
Oracle Reports Server 10g 9.0.2 - Multiple Cross-Site Scripting Vulnerabilities
source: http://www.securityfocus.com/bid/14313/info Multiple remote cross-site scripting vulnerabilities affect Oracle Reports Server. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may...
DRBGuestbook 1.1.13 Index.PHP Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/25911/info DRBGuestbook is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling XSS
source: http://www.securityfocus.com/bid/31855/info Google Chrome 0.2.149 is prone to a cross-site scripting weakness that arises because the software fails to handle specially crafted files served using the FTP protocol. Successfully exploiting this issue may...
Xoops Pool Module IMG Tag HTML Injection Vulnerability
source: http://www.securityfocus.com/bid/16189/info The XOOPS Pool Module is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
CuteNews 1.4.6 index.php New User Creation CSRF
source: http://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that...
VBulletin 2.x Private.PHP Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/9940/info It has been reported that VBulletin is prone to a cross-site scripting vulnerability in the 'private.php' script. This issue is reportedly due to a failure to sanitize user input and so allow for injection of HT...
Alisveris Sitesi Scripti Index.ASP Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/25007/info Alisveris Sitesi Scripti is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
CuteNews 1.4.6 editnews Module doeditnews Action Admin Moderation Bypass
source: http://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that...
ProfitCode Software PayProCart 3.0 AdminShop ModID Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/13306/info PayProCart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Stuffed Guys Stuffed Tracker Multiple Cross-Site Scripting Vulnerabilities
source: http://www.securityfocus.com/bid/25931/info Stuffed Tracker is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...