6666 matches found
xClick Cart 1.0.x - 'shopping_url' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51699/info xClick Cart is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...
Multiple vulnerabilities in LEPTON
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in LEPTON, which can be exploited to perform Local File Inclusion, Cross Site Scripting and SQL Injection attacks. 1 Local File Inclusion in LEPTON: CVE-2012-0998 Input passed via the "language" POST parameter to...
WordPress Plugin YouSayToo auto-publishing 1.0 - submit Cross-Site Scripting
WordPress Plugin YouSayToo auto-publishing 1.0 - submit Cross-Site Scripting source: https://www.securityfocus.com/bid/51649/info YouSayToo auto-publishing for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...
WordPress Plugin YouSayToo auto-publishing 1.0 - 'submit' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51649/info YouSayToo auto-publishing for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Raven 1.0 - connector.asp Arbitrary File Upload
Raven 1.0 - connector.asp Arbitrary File Upload source: https://www.securityfocus.com/bid/51631/info Raven is prone to a vulnerability that lets an attacker upload and execute arbitrary script code in the context of the affected webserver process. The issue occurs because the application fails to...
Raven 1.0 - 'connector.asp' Arbitrary File Upload
source: https://www.securityfocus.com/bid/51631/info Raven is prone to a vulnerability that lets an attacker upload and execute arbitrary script code in the context of the affected webserver process. The issue occurs because the application fails to sufficiently sanitize user-supplied input. Rave...
Lead Capture - 'login.php' Script Cross-Site Scripting
source: https://www.securityfocus.com/bid/51785/info Lead Capture is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...
phpVideoPro Multiple Cross Site Scripting Vulnerabilities
phpVideoPro is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the...
IBM Web Experience Factory Multiple XSS Vulnerabilities
IBM Web Experience Factory is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
OneOrZero AIMS 2.8.0 Trial Build 231211 Cross Site Scripting
Advisory ID: HTB23066 Reference: https://www.htbridge.ch/advisory/xssinoneorzeroaims.html Product: OneOrZero AIMS Vendor: www.oneorzero.com http://www.oneorzero.com/ Vulnerable Version: 2.8.0 Trial build231211 and probably prior Tested Version: 2.8.0 Trial build231211 Vendor Notification: 28...
OneOrZero AIMS - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51549/info OneOrZero AIMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...
Beehive Forum 101 - Multiple Cross-Site Scripting Vulnerabilities
Beehive Forum 101 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51424/info Beehive Forum 101 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
PHP Membership Site Manager Script 2.1 - index.php Cross-Site Scripting
PHP Membership Site Manager Script 2.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/51416/info PHP Membership Site Manager Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically...
phpVideoPro 0.8.x/0.9.7 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/51428/info phpVideoPro is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
Beehive Forum 101 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/51424/info Beehive Forum 101 is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user...
Giveaway Manager - 'members.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/51431/info Giveaway Manager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
PHP Ringtone Website - 'ringtones.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/51418/info PHP Ringtone Website is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...
MailEnable XSS Vulnerability (Jan 2012) - Active Check
MailEnable is prone to a cross-site scripting XSS vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
KnowledgeTree 3.x - Multiple Cross-Site Scripting Vulnerabilities
KnowledgeTree 3.x - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51373/info KnowledgeTree is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execut...
Microsoft AntiXSS Library Information Disclosure Vulnerability (2607664)
This host is missing an important security update according to Microsoft Bulletin MS12-007. OpenVAS Vulnerability Test $Id: secpodms12-007.nasl 5366 2017-02-20 13:55:38Z cfi $ Microsoft AntiXSS Library Information Disclosure Vulnerability 2607664 Authors: Madhuri D Copyright: Copyright c 2012...