6666 matches found
Plume CMS 1.2.2 - 'manager/xmedia.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27999/info Plume CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser...
PhpGedView 2.5/2.6 Calendar.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11907/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...
DCP-Portal 5.3.1 Calendar.php Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7144/info It has been reported that DCP-Portal does not sufficiently filter URI parameters supplied to the DCP-Portal 'calender' script. As a result of this deficiency, it is possible for a remote attacker to create a...
Microsoft Internet Explorer 5/6 MSXML XML File Parsing Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7938/info A vulnerability has been reported for the Microsoft Internet Explorer that may result in cross-site scripting attacks. If IE, using the MSXML parser, is unable to parse the requested XML file, it will display a...
OpenEMR 2.8.2 Login_Frame.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22348/info OpenEMR is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
AWStats 6.8 'awstats.pl' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30730/info AWStats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
e107 website system 0.7.5 search.php Query String (PATH_INFO) Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the...
Snitz Forums 2000 3.4.5/3.4.6 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27162/info Snitz Forums 2000 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in t...
Cisco Secure Desktop 3.x 'translation' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37960/info Cisco Secure Desktop is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
vBulletin 3.0 Private Message HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7594/info A vulnerability has been reported in vBulletin 3.0.0 beta 2. The problem is said to occur due to insufficient sanitization of private messages. As a result, an attacker may be capable of embedding malicious HTML...
WebCT Discussion Board 4.1 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13101/info WebCT is reportedly affected by an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to using it in dynamically generated content...
LiveJournal Cleanhtml.PL HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15990/info LiveJournal is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
PHPWCMS 1.2.5 -DEV Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-80148' vul ID version = '1' author = 'fenghh' vulDate =...
C-News 1.0.1 - 'install.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28989/info C-News is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Oracle Siebel 7.7/7.8 'loyalty_enu/start.swe' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38456/info Oracle Siebel is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of a...
Net Clubs Pro 4.0 imessage.cgi username Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17622/info Net Clubs Pro is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An attacker may leverage these issues to have...
ProductCart 1.x/2.x Custva.asp redirectUrl Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/9669/info EarlyImpact ProductCart is reportedly prone to multiple vulnerabilities. The specific issues include SQL injection, cross-site scripting and cryptographic weaknesses. These issues could expose sensitive data suc...
Softbiz Jobs 'sbad_type' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38383/info Softbiz Jobs is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
EZHomePagePro 1.5 users_calendar.asp page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17236/info EZHomePagePro is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...
Chipmunk Guestbook 1.4 Homepage HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16112/info Chipmunk Guestbook is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...