6666 matches found
AderSoftware CFBB 1.1 Index.CFM Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14440/info CFBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script co...
Drupal 4.0 News Message HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when a user...
EveryAuction 1.53 Auction.PL Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the browser of an...
PHP <= 5.2.11 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/37389/info PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
PortWise SSL VPN 4.6 'reloadFrame' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38308/info PortWise SSL VPN is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...
Elastic Path 4.1 - manager/getImportFileRedirect.jsp file Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/28352/info Elastic Path is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability. - An arbitrary file-uplo...
Joomla MS Comment Component 0.8.0b Security Bypass and Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/38250/info The MS Comment component for Joomla! is prone to a security-bypass vulnerability because it fails to properly sanitize user-supplied input. The component is also prone to a security-bypass vulnerability because...
WordPress <= 2.5.1 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30238/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...
BookReview 1.0 add_classification.htm isbn Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Opial AV Download Management 1.0 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20174/info Opial Audio/Visual Download Management is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to have arbitrary...
Grayscale BandSite CMS 1.1 links_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
XAMPP Phonebook.PHP Multiple Remote HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/13127/info XAMPP is prone to multiple remote HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may...
E-Zone Media FuzeTalk 2.0 AddUser.CFM Administrator Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10276/info It has been reported that FuseTalk is affected by an administrator command execution vulnerability in the adduser.cfm script. This issue is due to a failure of the application to properly validate the origin of...
phpSQLiteCMS 1 RC2 - cms/includes/header.inc.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29338/info phpSQLiteCMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
PHP <= 5.3.1 'session_save_path()' 'safe_mode' Restriction-Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38182/info PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write session files in arbitrary directions. This vulnerability would be an issue in shared-hosting...
QwikiWiki 1.4/1.5 pageindex.php help Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17064/info QwikiWiki is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
@lex Poll 1.2 - 'setup.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28520/info @lex Poll is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
osCommerce 2.2 admin/zones.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
eXtrovert software Thyme 1.3 'add_calendars.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31287/info Thyme is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
TinyPortal 0.8.6/1.0.3 - 'index.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28402/info TinyPortal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...