6666 matches found
Ezboard 'invitefriends.php3' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8519/info The 'invitefriends.php3' script of Ezboard has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on user-supplied URI parameters. This issue...
Banshee 1.4.2 DAAP Extension 'apps/web/vs_diag.cgi' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34507/info Banshee DAAP Extension is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
RealOne Player 1.0/2.0/6.0.10/6.0.11 SMIL File Script Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8453/info Real Networks has reported a vulnerability in RealOne Player. Script embedded in SMIL presentations may be executed in the context of a domain that is specified by an attacker. This could allow for theft of...
VBulletin 3.0.1 newreply.php WYSIWYG_HTML Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/10602/info VBulletin is reported prone to an HTML injection vulnerability. This issue affects the 'newreply.php' and 'newthread.php' scripts. An attacker may exploit this issue by including hostile HTML and script code in...
QwikiWiki 1.4/1.5 recentchanges.php help Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17064/info QwikiWiki is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Code-Crafters Ability Mail Server 1.18 errormsg Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/10695/info Ability Mail Server is reported prone to multiple vulnerabilities that may allow a remote attacker to carry out cross-site scripting and denial of service attacks. The server is prone to a cross-site scripting...
Claroline 1.8.9 course_description/index.php URL XSS
No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...
Turnkey eBook Store 1.1 'keywords' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34324/info Turnkey eBook Store is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
Datalife Engine CMS 7.2 'admin.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31335/info Datalife Engine CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
Geeklog 1.3.7 Homepage User Field HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6604/info Geeklog is prone to HTML injection attacks. The user account 'Homepage' field is not sufficiently sanitized of HTML and script code. As a result, a malicious user may inject malicious HTML and script code into...
txtForum 1.0.3/1.0.4 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17054/info txtForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Jax PHP Scripts 1.0/1.34/2.14/3.31 jax_guestbook.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14481/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...
Diigo Toolbar and Diigolet Comment Feature - HTML Injection and Information Disclosure Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/29611/info Diigo Toolbar and Diigolet are prone to an HTML-injection vulnerability and an information-disclosure vulnerability when handling data via the 'comment' feature. An attacker can exploit the HTML-injection issue...
Invision Power Board 1.3 Pop Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9822/info It has been reported that Invision Power Board may be prone to a cross-site scripting vulnerability. This may allow a remote attacker to cause hostile HTML or script code to be rendered in a user's browser via a...
Meeting Room Booking System (MRBS) 1.2.6 help.php area Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30531/info MRBS Meeting Room Booking Software is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...
MaxWebPortal 1.30 search.asp Search Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site scripting vulnerability. An...
VBulletin 1.0.1 lite/2.x/3.0 /admincp/language.php goto Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14874/info vBulletin is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues t...
Moodle <= 1.8.3 'install.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27259/info Moodle is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Verity K2 Toolkit 2.20 Query Builder Search Script Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8074/info It has been reported that the K2 Toolkit does not sufficiently sanitize input by users. Because of this, it may be possible for an attacker to launch an attack that results in the execution of hostile HTML or...
CubeCart 3.0.3 cart.php redir Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14962/info CubeCart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...