6666 matches found
PostNuke Phoenix 0.726 openwindow.php hlpfile Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/10191/info Multiple vulnerabilities were reported to exist in PostNuke Phoenix. The following specific vulnerabilities were reported: - Multiple path disclosure vulnerabilities that occur when a user directly requests...
Simple Machines Forum <= 1.1.7 '[url]' Tag HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33595/info Simple Machines Forum is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML...
TIPS MailPost 5.1.1 Error Message Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11598/info MailPost is reported prone to a cross-site scripting vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data and can allow an attacker to execute arbitrary HTML and scri...
OneWorldStore OWListProduct.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13185/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
OneWorldStore OWContactUs.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13184/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
FreznoShop 1.2.3/1.3 Search Script Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9359/info FreznoShop is prone to a cross-site scripting vulnerability. Remote attackers may create malicious links to the software that include hostile HTML and script code. If such a link was followed by a victim user, t...
Lazarus Guestbook 1.6 codes-english.php show Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18956/info Lazarus Guestbook is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute...
CMS Faethon 1.3.2 - Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18489/info CMS Faethon is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to have an arbitrary remo...
ForumJBC 4.0 Haut.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19992/info ForumJBC is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverge this issue to have arbitrary script code execute in the browser of...
Dating Gold 3.0.5 secure.admin.php int_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute an arbitrary...
Confixx 3.0/3.1 FTP_index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18426/info Confixx is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
cPanel 11.18.3/11.21 - 'manpage.html' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28403/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...
FatWire UpdateEngine 6.2 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16073/info FatWire UpdateEngine is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context...
MG2 'list' Parameter - Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28098/info MG2 is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Elite Forum 1.0 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15257/info Elite Forum is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
Pilot Group eTraining lessons_login.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...
Recipe Script 'search.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31442/info Recipe Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser o...
Plunet BusinessManager 4.1 pagesUTF8/Sys_DirAnzeige.jsp Pfad Parameter Direct Request Information Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/33153/info Plunet BusinessManager is prone to multiple security-bypass and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitra...
Uapplication Ublog 1.0.x Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12931/info Ublog is affected by a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of...
GeeCarts - view.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28470/info GeeCarts is prone to multiple input-validation vulnerabilities, including remote file-include and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issu...