Technicolor THOMSON TG585v7 Wireless Router - url Cross-Site Scripting

Technicolor THOMSON TG585v7 Wireless Router - url Cross-Site Scripting source: https://www.securityfocus.com/bid/47390/info Technicolor THOMSON TG585v7 Wireless Router is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. Attacker...

MediaWiki API XSS

A cross-site scripting vulnerability exists in this installation of MediaWiki that allows an attacker to execute arbitrary script code in the browser of an unsuspecting user. Such script code could steal authentication credentials and be used to launch other attacks. %NASLMINLEVEL 70300 C Tenable...

Cross-site Scripting (XSS) Vulnerability in BackupPC

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BackupPC which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in BackupPC The vulnerability exists due to input sanitation error in multiple parameters in...

Qianbo Enterprise Web Site Management System - 'Keyword' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47375/info Qianbo Enterprise Web Site Management System is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

WebCalendar 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities

WebCalendar 1.2.3 Multiple Cross Site Scripting Vulnerabilities. Webapps exploit for php platform source: http://www.securityfocus.com/bid/47328/info WebCalendar is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may...

Script Insertion Vulnerabilities in Noah's Classifieds

High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in Noah's Classifieds which could be exploited to perform script insertion attacks. 1 Script insertion vulnerability in Noah's Classifieds Input passed to the "col18", "description" and "titlePrefix" parameter in index.php i...

Horde Gollem 'file' Cross-Site Scripting Vulnerability

Horde Gollem is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FiberHome HG-110 - Cross-Site Scripting / Directory Traversal

source: https://www.securityfocus.com/bid/47277/info Fiberhome HG-110 is prone to a cross-site scripting vulnerability and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script...

FiberHome HG-110 - Cross-Site Scripting Directory Traversal

FiberHome HG-110 - Cross-Site Scripting Directory Traversal source: https://www.securityfocus.com/bid/47277/info Fiberhome HG-110 is prone to a cross-site scripting vulnerability and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting thes...

1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities

1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/47282/info 1024cms is prone to multiple cross-site scripting vulnerabilities, multiple local file-include vulnerabilities, and a directory-traversal vulnerability An attacker may leverage the...

eGroupWare 1.8.1 - 'test.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47273/info eGroupware is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

vTiger CRM 5.2.1 - 'vtigerservice.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47267/info vtiger CRM is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

TextPattern 4.2 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47182/info TextPattern is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

TextPattern 4.2 - index.php Cross-Site Scripting

TextPattern 4.2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/47182/info TextPattern is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in...

Redmine 1.0.11.1.1 - projectshg-hellowwordnews Cross-Site Scripting

Redmine 1.0.11.1.1 - projectshg-hellowwordnews Cross-Site Scripting source: https://www.securityfocus.com/bid/47193/info Redmine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Cross-site Scripting (XSS) Vulnerabilities in webSPELL

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in webSPELL which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in webSPELL 1.1 The vulnerability exists due to input sanitation error in the "pass" and "touser...

Eleanor CMS - Cross-Site Scripting / Multiple SQL Injections

source: https://www.securityfocus.com/bid/47164/info Eleanor CMS is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script co...

WordPress Plugin WPwizz AdWizz Plugin 1.0 - link Cross-Site Scripting

WordPress Plugin WPwizz AdWizz Plugin 1.0 - link Cross-Site Scripting source: https://www.securityfocus.com/bid/47141/info The WPwizz AdWizz plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage th...

TP-Link TL-PS110U TL-PS110P - Cross-Site Scripting

TP-Link TL-PS110U TL-PS110P - Cross-Site Scripting GotGeek Labs http://www.gotgeek.com.br/ TP-Link TL-PS110U & TL-PS110P Cross-site Scripting Vulnerability + Description TL-PS110U: The TP-LINK TL-PS110U print server allows you to take the computer out of the loop while setting up a printing...

WordPress Plugin Placester 0.1 - 'ajax_action' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47142/info The Placester WordPress Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting us...