6666 matches found
PHP-Fusion 6.0 Members.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15931/info PHP-Fusion is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
DirectAdmin 1.28/1.29 CMD_EMAIL_FORWARDER_MODIFY user Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
DCP-Portal 3.7/4.x/5.x/6.x forums.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Ultimate PHP Board Board 1.0 final beta ViewTopic.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6335/info Ultimate PHP Board UPB is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems. By passing a malicious script code to the viewtopic.php script, UPB may...
PHP Classifieds 6.0.5 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5022/info PHP Classifieds has been reported to be prone to cross-site scripting attacks. Attackers may inject arbitrary HTML or script code into URI parameters in a malicious link. When the malicious link is visited, the...
Sun Java System Calendar Server 6 'command.shtml' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34153/info Sun Java System Calendar Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script cod...
DirectAdmin 1.28/1.29 CMD_EMAIL_VACATION_MODIFY user Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
Censura Prior to 2.1.1 Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/35920/info Censura is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...
Rotabanner Local 2/3 'index.php' Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27138/info Rotabanner Local is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary scri...
Hot Banana Web Content Management Suite 5.3 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15948/info Web Content Management Suite is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...
Sage 1.3.6 Extension Feed HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22493/info Sage Extension Feed is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Hostile HTML and script...
Knusperleicht Shoutbox 2.6 Shout.php HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21637/info Knusperleicht Shoutbox is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML and script code...
Enigma Haber 4.2 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18226/info Enigma Haber is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Prototype of an PHP application 0.1 menu/menuprincipal.php path_inc Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to...
Claroline 1.8.9 claroline/redirector.php url Variable Arbitrary Site Redirect
No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...
PhotoCycle 1.0 PhotoCycle.php Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18964/info Photocycle is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
ACS Blog 0.8/0.9/1.0/1.1 Name Field HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12921/info ACS Blog is affected by an HTML injection vulnerability. The issue affects the 'Name' field and may be exploited to execute arbitrary HTML and script code in the browser of the user when the user views an...
Prototype of an PHP application 0.1 index.php path_inc Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to...
SAP Business Objects Crystal Reports 7-10 'viewreport.asp' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34341/info SAP Business Objects Crystal Reports is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
PHPLive! 3.2.2 help.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/24276/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...