6666 matches found
eWeather - 'chart' Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28241/info eWeather is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
DirectAdmin <= 1.33.6 'CMD_REDIRECT' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35450/info DirectAdmin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary script code in the...
Apple WebCore XMLHTTPRequest Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24598/info Apple WebCore is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may exploit this issue by enticing victims into visiting a...
PRO-Search 0.17 Index.PHP Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27126/info PRO-Search is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
WikyBlog 1.7.1 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/31525/info WikyBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browse...
DotClear 1.2.x /tools/thememng/index.php tool_url Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/23411/info DotClear is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browse...
Bugzero 4.3.1 edit.jsp Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17351/info Bugzero is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Openfire <= 3.6.2 'user-properties.jsp' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32938/info Openfire is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser ...
Rayzz Photoz Upload Vulnerability
No description provided by source. ========================================================== Rayzz Photoz Upload Vulnerability ========================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, ...
DotNetNuke <= 4.0 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20117/info DotNetNuke is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
EEB-CMS 0.95 'index.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31732/info EEB-CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser o...
DivXDB 2002 0.94b - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/28566/info DivXDB 2002 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
wwwstats 3.21 Clickstats.PHP Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26759/info The 'wwwstats' program is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and...
CubeCart 2.0.x Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12658/info CubeCart is affected by multiple cross-site scripting vulnerabilities; an upgrade is available. These issues exist because the application fails to properly sanitize user-supplied input. As a result of these...
Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22796/info Woltlab Burning Board is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and...
Sambar Server 5.x/6.0/6.1 results.stm indexname XSS
No description provided by source. source: http://www.securityfocus.com/bid/13722/info Sambar Server administrative interface does not adequately filter some HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing...
Calendarix 0.7.20070307 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/24626/info Calendrix is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...
Quick Cart <= 3.1 - 'admin.php' Cross Site Scripting Vulnerability
exp: http://www.example.com/admin.php?"alertdocument.cookie" Quick.Cart admin.php 中没有对用户提交的数据进行过滤,从而导致xss 该漏洞仅在IE浏览器上会触发。。。 source: http://www.securityfocus.com/bid/31216/info Quick.Cart is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data...
Java Search Engine 0.9.34 Search.JSP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15687/info Java Search Engine is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
OpenBB 1.0.x post.php TID Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may...