6666 matches found
AWStats < 7.1 'awredir.pl' Multiple XSS Vulnerabilities - Active Check
AWStats is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
vTiger CRM 5.2.1 - 'PHPrint.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/49927/info vtiger CRM is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Phorum 5.2.18 - adminindex.php Cross-Site Scripting
Phorum 5.2.18 - adminindex.php Cross-Site Scripting source: https://www.securityfocus.com/bid/49920/info Phorum is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Phorum 5.2.18 - '/admin/index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/49920/info Phorum is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
ProjectForum 7.0.1 3038 - more Object HTML Injection
ProjectForum 7.0.1 3038 - more Object HTML Injection source: https://www.securityfocus.com/bid/49895/info ProjectForum is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
WordPress Theme RedLine 1.65 - s Cross-Site Scripting
WordPress Theme RedLine 1.65 - s Cross-Site Scripting source: https://www.securityfocus.com/bid/49880/info The RedLine theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
Adobe ColdFusion Multiple XSS Vulnerabilities (Sep 2011)
Adobe ColdFusion is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
ProjectForum 7.0.1 3038 - 'more' Object HTML Injection
source: https://www.securityfocus.com/bid/49895/info ProjectForum is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...
WordPress Theme Black-LetterHead 1.5 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/49879/info The Black-LetterHead theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
MyNews 1.2 'basepath' Parameter Multiple Remote File Include Vulnerabilities
MyNews 1.2 is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user- supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute arbitrary script code in the context of the Web server...
Digital College 'basepath' Parameter Multiple Remote File Include Vulnerabilities
Digital College is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute arbitrary script code in the context of the Web...
Digital College <= 1.1 Multiple RFI Vulnerabilities - Active Check
Digital College is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
WordPress Theme EvoLve 1.2.5 - 's' Cross-Site Scripting
source: https://www.securityfocus.com/bid/49872/info The EvoLve theme for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...
Joomla! < 1.7.0 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/49853/info Joomla! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker could leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Bitweaver 2.8.1 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/49864/info Bitweaver is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Traq 2.2 Cross Site Scripting / SQL Injection
Vulnerability ID: HTB23046 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesintraq.html Product: Traq Vendor: Jack Polgar http://traqproject.org/ Vulnerable Version: 2.2 and probably prior Tested Version: 2.2 Vendor Notification: 07 September 2011 Vulnerability Type: XSS, SQL...
Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities
Adobe ColdFusion 7 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/49787/info Adobe ColdFusion is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. An attacker could exploit...
S9Y Serendipity Freetag-plugin 3.23 - serendipity[tagview] Cross-Site Scripting
S9Y Serendipity Freetag-plugin 3.23 - serendipitytagview Cross-Site Scripting source: https://www.securityfocus.com/bid/49771/info Serendipity Freetag-plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage thi...
WordPress Plugin BuddyPress 1.2.10 WordPress Theme DEV Blogs Mu 1.2.6 (WordPress 3.1.4) - Regular Subscriber HTML Injection
WordPress Plugin BuddyPress 1.2.10 WordPress Theme DEV Blogs Mu 1.2.6 WordPress 3.1.4 - Regular Subscriber HTML Injection source: https://www.securityfocus.com/bid/49765/info Multiple products are prone to an HTML-injection vulnerability because they fail to sufficiently sanitize user-supplied...
WordPress Regular Subscriber Plugin 3.1.x - HTML Injection Vulnerability
WordPress Regular Subscriber plugin is prone to an HTML-injection vulnerability because of failure to sufficiently clean up user-supplied input. It allows an attacker to execute arbitrary script code in the browser in the context of the affected websites. In this way an attacker can steal...