6666 matches found
Microsoft Partner Service - Persistent Web Vulnerability
Document Title: =============== Microsoft Partner Service - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=433 http://www.vulnerability-lab.com/getcontent.php?id=439 MSRC ID: 12209nj Release Date: ============= 2012-04-13...
WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php?title Cross-Site Scripting
WordPress Plugin All-in-One Event Calendar 1.4 - agenda-widget-form.php?title Cross-Site Scripting source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...
WordPress Plugin All-in-One Event Calendar 1.4 - box_publish_button.php?button_value Cross-Site Scripting
WordPress Plugin All-in-One Event Calendar 1.4 - boxpublishbutton.php?buttonvalue Cross-Site Scripting source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitiz...
WordPress Plugin All-in-One Event Calendar 1.4 - 'save_successful.php?msg' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
WordPress Plugin All-in-One Event Calendar 1.4 - 'box_publish_button.php?button_value' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget-form.php?title' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52986/info All-in-One Event Calendar plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
Microsoft Forefront Unified Access Gateway URI Open Redirection Vulnerability
Description Microsoft Forefront Unified Access Gateway is prone to a URI open-redirection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to spoof a UAG server or redirect legitimate network traffic intended for a UAG server. This may...
Microsoft Internet Explorer CVE-2012-0168 Print Feature Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferenci...
osCmax Shop CMS 2.5.1 Cross Site Scripting
Title: ====== osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=497 VL-ID: ===== 497 Introduction: ============= osCMax is a powerful e-commerce/shopping cart web application. There are many...
idev Game Site CMS v1.0 - Multiple Web Vulnerabilities
Document Title: =============== idev Game Site CMS v1.0 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=494 Release Date: ============= 2012-04-07 Vulnerability Laboratory ID VL-ID: ==================================== 494...
Multiple vulnerabilities in Piwigo
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Piwigo, which can be exploited to perform Cross-Site Scripting XSS and Path Traversal attacks. 1 Directory Path Traversal in Piwigo: CVE-2012-2208 1.1 Input passed via the "language" GET parameter to upgrade.php ...
BackupPC < 3.2.1 Multiple XSS Vulnerabilities - Active Check
BackupPC is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Arbor Networks Peakflow SP 3.6.1 - index Cross-Site Scripting
Arbor Networks Peakflow SP 3.6.1 - index Cross-Site Scripting source: https://www.securityfocus.com/bid/52881/info Peakflow SP is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
McAfee WebShield UI ProcessTextFile bodyStyle Parameter XSS (SB10020)
The version of WebShield UI hosted on the remote web server has a reflected cross-site scripting vulnerability. Input to the 'bodyStyle' parameter of ProcessTextFiles is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL,...
Arbor Networks Peakflow SP 3.6.1 - 'index/' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52881/info Peakflow SP is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
JBMC Software DirectAdmin 1.403 - domain Cross-Site Scripting
JBMC Software DirectAdmin 1.403 - domain Cross-Site Scripting source: https://www.securityfocus.com/bid/52845/info DirectAdmin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
JBMC Software DirectAdmin 1.403 - 'domain' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52845/info DirectAdmin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
JamWiki < 1.1.6 XSS Vulnerability - Active Check
JAMWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ManageEngine Firewall Analyzer 7.2 - fwmindex.do?url Cross-Site Scripting
ManageEngine Firewall Analyzer 7.2 - fwmindex.do?url Cross-Site Scripting source: https://www.securityfocus.com/bid/52841/info Firewall Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to...
ManageEngine Firewall Analyzer 7.2 - fwsyslogViewer.do?port Cross-Site Scripting
ManageEngine Firewall Analyzer 7.2 - fwsyslogViewer.do?port Cross-Site Scripting source: https://www.securityfocus.com/bid/52841/info Firewall Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues...