Lucene search
K

6666 matches found

Exploit DB
Exploit DB
added 2012/01/26 12:0 a.m.24 views

xClick Cart 1.0.x - 'shopping_url' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51699/info xClick Cart is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...

7.4AI score
Exploits0
htbridge
htbridge
added 2012/01/25 12:0 a.m.33 views

Multiple vulnerabilities in LEPTON

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in LEPTON, which can be exploited to perform Local File Inclusion, Cross Site Scripting and SQL Injection attacks. 1 Local File Inclusion in LEPTON: CVE-2012-0998 Input passed via the "language" POST parameter to...

7.6CVSS6.7AI score0.0188EPSS
Exploits5Affected Software1
exploitpack
exploitpack
added 2012/01/24 12:0 a.m.14 views

WordPress Plugin YouSayToo auto-publishing 1.0 - submit Cross-Site Scripting

WordPress Plugin YouSayToo auto-publishing 1.0 - submit Cross-Site Scripting source: https://www.securityfocus.com/bid/51649/info YouSayToo auto-publishing for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...

Exploits0
Exploit DB
Exploit DB
added 2012/01/24 12:0 a.m.32 views

WordPress Plugin YouSayToo auto-publishing 1.0 - 'submit' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51649/info YouSayToo auto-publishing for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/01/21 12:0 a.m.13 views

Raven 1.0 - connector.asp Arbitrary File Upload

Raven 1.0 - connector.asp Arbitrary File Upload source: https://www.securityfocus.com/bid/51631/info Raven is prone to a vulnerability that lets an attacker upload and execute arbitrary script code in the context of the affected webserver process. The issue occurs because the application fails to...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2012/01/21 12:0 a.m.26 views

Raven 1.0 - 'connector.asp' Arbitrary File Upload

source: https://www.securityfocus.com/bid/51631/info Raven is prone to a vulnerability that lets an attacker upload and execute arbitrary script code in the context of the affected webserver process. The issue occurs because the application fails to sufficiently sanitize user-supplied input. Rave...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/01/21 12:0 a.m.21 views

Lead Capture - 'login.php' Script Cross-Site Scripting

source: https://www.securityfocus.com/bid/51785/info Lead Capture is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2012/01/19 12:0 a.m.16 views

phpVideoPro Multiple Cross Site Scripting Vulnerabilities

phpVideoPro is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the...

7AI score
Exploits0References4
OpenVAS
OpenVAS
added 2012/01/19 12:0 a.m.26 views

IBM Web Experience Factory Multiple XSS Vulnerabilities

IBM Web Experience Factory is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS5.9AI score0.01269EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2012/01/18 12:0 a.m.44 views

OneOrZero AIMS 2.8.0 Trial Build 231211 Cross Site Scripting

Advisory ID: HTB23066 Reference: https://www.htbridge.ch/advisory/xssinoneorzeroaims.html Product: OneOrZero AIMS Vendor: www.oneorzero.com http://www.oneorzero.com/ Vulnerable Version: 2.8.0 Trial build231211 and probably prior Tested Version: 2.8.0 Trial build231211 Vendor Notification: 28...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/01/18 12:0 a.m.24 views

OneOrZero AIMS - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51549/info OneOrZero AIMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

7AI score
Exploits0
exploitpack
exploitpack
added 2012/01/16 12:0 a.m.8 views

Beehive Forum 101 - Multiple Cross-Site Scripting Vulnerabilities

Beehive Forum 101 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51424/info Beehive Forum 101 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

Exploits0
exploitpack
exploitpack
added 2012/01/16 12:0 a.m.9 views

PHP Membership Site Manager Script 2.1 - index.php Cross-Site Scripting

PHP Membership Site Manager Script 2.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/51416/info PHP Membership Site Manager Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically...

Exploits0
Exploit DB
Exploit DB
added 2012/01/16 12:0 a.m.14 views

phpVideoPro 0.8.x/0.9.7 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/51428/info phpVideoPro is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2012/01/16 12:0 a.m.30 views

Beehive Forum 101 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/51424/info Beehive Forum 101 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2012/01/16 12:0 a.m.21 views

Giveaway Manager - 'members.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51431/info Giveaway Manager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/01/15 12:0 a.m.25 views

PHP Ringtone Website - 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/51418/info PHP Ringtone Website is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2012/01/13 12:0 a.m.30 views

MailEnable XSS Vulnerability (Jan 2012) - Active Check

MailEnable is prone to a cross-site scripting XSS vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

4.3CVSS5.8AI score0.0842EPSS
Exploits5References2
exploitpack
exploitpack
added 2012/01/11 12:0 a.m.17 views

KnowledgeTree 3.x - Multiple Cross-Site Scripting Vulnerabilities

KnowledgeTree 3.x - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51373/info KnowledgeTree is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execut...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2012/01/11 12:0 a.m.18 views

Microsoft AntiXSS Library Information Disclosure Vulnerability (2607664)

This host is missing an important security update according to Microsoft Bulletin MS12-007. OpenVAS Vulnerability Test $Id: secpodms12-007.nasl 5366 2017-02-20 13:55:38Z cfi $ Microsoft AntiXSS Library Information Disclosure Vulnerability 2607664 Authors: Madhuri D Copyright: Copyright c 2012...

4.3CVSS6.5AI score0.19283EPSS
Exploits0References3
Rows per page
Query Builder