Microsoft Internet Explorer 5 Classic Mode FTP Client Cross Domain Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7810/info The Microsoft Internet Explorer FTP indexing implementation could allow script code to be executed in the security zone of another FTP site. This vulnerability only exists when Internet Explorer FTP is used in...

Nullsoft Shoutcast 1.9.7 Logfile HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22742/info Nullsoft SHOUTcast is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...

cPanel 5/6/7/8/9 dir Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9853/info It has been reported that cPanel may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The issue presents itself due to...

VBulletin 2.0/2.2.x Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/5997/info vBulletin does not filter HTML tags from URI parameters, making it prone to cross-site scripting attacks. As a result, it is possible for a remote attacker to create a malicious link containing script code which...

Jeebles Directory 2.9.60 - Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/28221/info Jeebles Directory is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...

Sambar Server 5.x/6.0/6.1 Server Referer XSS

No description provided by source. source: http://www.securityfocus.com/bid/13722/info Sambar Server administrative interface does not adequately filter some HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing...

RMSOFT MiniShop 1.0 'search.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30616/info RMSOFT MiniShop is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

IBM Lotus Connections 2.0.1 'simpleSearch.do' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36513/info IBM Lotus Connections is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

OOApp Guestbook 2.1 Home Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16091/info OOApp Guestbook is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...

Wikepage Opus 13 2007.2 - 'wiki' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28842/info Wikepage Opus is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

DRZES HMS 3.2 Login.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15766/info DRZES HMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scri...

Achievo <= 1.3.4 Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/35140/info Achievo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

Joomla! 3D Cloud 'tagcloud.swf' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37958/info The 3D Cloud component for Joomla! is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

Drupal 4.x URL-Encoded Input HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16117/info Drupal is prone to an HTML injection vulnerability when handling URL-encoded HTML and script code in message content. This issue is due to a failure in the application to properly sanitize user-supplied input...

FlashCard 2.6.5 'id' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39648/info FlashCard is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

VBulletin 3.0 ShowThread.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9889/info It has been reported that VBulletin is prone to a cross-site scripting vulnerability in the 'showthread.php' script. This issue is reportedly due to a failure to sanitize user input and so allow for injection of...

Chi Kien Uong Guestbook 1.51 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8896/info It has been reported that Chi Kien Uong Guestbook may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a user's browser. The problem is reported...

RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28277/info RSA WebID is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Roundcube Webmail 0.1 CSS Expression Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26800/info Roundcube Webmail is prone to an input-validation vulnerability because it fails to sanitize HTML email messages. Attackers can exploit this issue to execute arbitrary script code in the browser of an...

Web-APP.net WebAPP 0.9.x mods/calendar/index.cgi vsSD Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17359/info Web-App.Org and Web-App.Net are prone to multiple cross-site scripting vulnerabilities because the applications fail to properly sanitize user-supplied input. An attacker may leverage these issues to execute...