Vanilla Forums 2.0.17.x - p Cross-Site Scripting
source: https://www.securityfocus.com/bid/46486/info Vanilla Forums is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...
WordPress Plugin GD Star Rating 1.9.7 - wpfn Cross-Site Scripting
source: https://www.securityfocus.com/bid/46480/info The GD Star Rating plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
WordPress GD Star Rating Plugin 1.9.7 - Cross-Site Scripting
This GD Star Rating plugin's "wpfn" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way the attacker can steal...
IBM Lotus Sametime Server 'stconf.nsf' Cross Site Scripting Vulnerability
IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
IBM Lotus Sametime - stconf.nsf Cross-Site Scripting
source: https://www.securityfocus.com/bid/46471/info IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...
phpBugTracker 1.0.5 Multiple Reflected XSS Vulnerabilities
Summary: phpBugTracker is a web-based bug tracker with functionality similar to other issue tracking systems, such as Bugzilla. Design focuses on separating the presentation, application, and database layers. phpBugTracker is lightweight and easy to install, operate and administer. Most text can b...
Cross-site Request Forgery (CSRF) Vulnerabilities in Pragyan CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pragyan CMS which could be exploited to perform cross-site request forgery attacks. 1) Cross-site request forgery (CSRF) vulnerabilities in Pragyan CMS. 1.1 The vulnerability exists due to insufficient validation of...
Multiple Vulnerabilities in xtcModified
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in xtcModified which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1) Cross-site scripting (XSS) vulnerabilities in xtcModified. 1.1 The vulnerability exists due to input...
Eclipse IDE < 3.6.2 Help Contents Multiple XSS Vulnerabilities
Eclipse IDE is prone to multiple cross-site scripting (XSS) vulnerabilities.
Photopad 1.2 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/46385/info Photopad is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
HP Power Manager Cross Site Request Forgery (CSRF) and XSS Vulnerability
This host is running HP Power Manager and is prone to cross site request forgery and cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbhppowermanagercsrfvuln.nasl 7006 2017-08-25 11:51:20Z teissa $ HP Power Manager Cross Site Request Forgery CSRF and XSS Vulnerability Authors:...
MG2 0.5.1 Cross Site Scripting
MG2 0.5.1 Multiple XSS Vulnerabilities Vendor: MiniGal Product web page: http://www.minigal.dk Affected version: 0.5.1 Summary: MG2 is the sequel to the popular image gallery script MiniGal. One of the highlights of MG2 is, that it supports PHP running in safe mode which is unsupported by almost...
Dokeos 1.8.6 2 - 'style' Cross-Site Scripting
source: https://www.securityfocus.com/bid/46370/info Dokeos is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Apache Continuum Cross Site Scripting Vulnerability
Apache Continuum is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker...
ManageEngine ADSelfService Plus 4.4 - 'EmployeeSearch.cc' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/46331/info ManageEngine ADSelfService Plus is prone to multiple vulnerabilities, including multiple security-bypass and cross-site scripting vulnerabilities. Attackers can exploit these issues to bypass certain security restrictions and to execute arbitra...
PHPXref 0.7 - nav.html Cross-Site Scripting
source: https://www.securityfocus.com/bid/46302/info PHPXref is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code ...
CVE-2011-0924
The client in HP Data Protector does not verify the contents of files associated with the EXECCMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omnichkds.sh...
ViArt Shop 4.0.5 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/46256/info ViArt Shop is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...