6666 matches found
MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosures
MySQLDumper 1.24.4 - Multiple Script Direct Request Information Disclosures source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3. Multip...
MySQLDumper 1.24.4 - main.php Multiple Cross-Site Request Forgery Vulnerabilities
MySQLDumper 1.24.4 - main.php Multiple Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3...
WordPress Zingiri Web Shop Plugin Multiple Cross Site Scripting Vulnerabilities
WordPress Zingiri Web Shop Plugin is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...
Concrete5 CMS 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/53268/info concrete5 is prone to information-disclosure, SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to harvest sensitive information, compromi...
gpEasy 2.3.3 - 'jsoncallback' Cross-Site Scripting
source: https://www.securityfocus.com/bid/53269/info gpEasy is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
Quick.CMS 4.0 - p Cross-Site Scripting
Quick.CMS 4.0 - p Cross-Site Scripting source: https://www.securityfocus.com/bid/53273/info Quick.CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...
gpEasy 2.3.3 - jsoncallback Cross-Site Scripting
gpEasy 2.3.3 - jsoncallback Cross-Site Scripting source: https://www.securityfocus.com/bid/53269/info gpEasy is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
DSA-2461-1 spip - several
Bulletin has no description...
Multiple vulnerabilities in Pligg CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pligg CMS , which can be exploited to perform Cross-Site Scripting XSS and Local File Inclusion attacks. 1 Multiple Cross-Site Scripting XSS in Pligg CMS: CVE-2012-2436 1.1 Input passed via the arbitrary any GET...
Joomla! 'Beatz' Component Multiple XSS Vulnerabilities
Joomla Beatz component is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Mitsubishi.ru Cross Site Scripting / SQL Injection
Exploit Title: Mitsubishi.ru XSS/SQL Injection Vulnerability Date: 23/04/2012 Author: Ryuzaki Lawlet Web/Blog: http://justryuz.blogspot.com Category: webapps Security:RISK: High Vendor or Software Link:- Google dork: - Tested on: Linux Exploit/p0c : http://localhost:80/rac.php?m=xss...
RealNetworks Helix Server Multiple Remote Vulnerabilities
RealNetworks Helix Server is prone to multiple remote vulnerabilities. Attackers can exploit theses issues to execute arbitrary code within the context of the affected application, cause denial-of service conditions, retrieve potentially sensitive information, execute arbitrary script code in the...
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability
Document Title: =============== C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=484 Release Date: ============= 2012-04-23 Vulnerability Laboratory ID VL-ID: ==================================== 48...
RealNetworks Helix Server Multiple Remote Vulnerabilities
RealNetworks Helix Server is prone to multiple remote vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Waylu CMS - '/products_xx.php' SQL Injection / HTML Injection
source: https://www.securityfocus.com/bid/53202/info Waylu CMS is prone to an SQL-injection vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application, access or modif...
Anchor CMS 0.6-14-ga85d0a0 - 'id' Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/53181/info Anchor CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code could be executed in the context of the affected site, potentially allowing the...
XOOPS 2.5.4 - '/tiny_mce/plugins/xoopsimagemanager/xoopsimagebrowser.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/53143/info XOOPS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
XOOPS 2.5.4 - '/modules/pm/pmlite.php?to_userid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/53143/info XOOPS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/53030/info Joomla! Beatz Plugin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Plugin Beatz 1.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/53030/info Joomla! Beatz Plugin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could leverage these...