Joomla! JReservation Component Cross-Site Scripting Vulnerability

Joomla! JReservation Component Cross Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/40690/info The JForJoomla JReservation component for Joomla! is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize...

Juniper Networks SA2000 SSL VPN Appliance - welcome.cgi Cross-Site Scripting

Juniper Networks SA2000 SSL VPN Appliance - welcome.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/41664/info Juniper Networks SA2000 SSL VPN appliance is prone to a cross-site scripting vulnerability because the web interface fails to properly sanitize user-supplied input. An...

Internet Explorer and SharePoint 'toStaticHTML' Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer and Microsoft SharePoint are prone to a cross-domain information-disclosure vulnerability because they fail to properly enforce the same-origin policy. An attacker can exploit this issue to access local files or content from a browser window in another doma...

BoastMachine 3.1 - key Cross-Site Scripting

BoastMachine 3.1 - key Cross-Site Scripting source: https://www.securityfocus.com/bid/40623/info boastMachine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this...

McAfee Unified Threat Management Firewall 4.0.6 - 'page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40708/info McAfee Unified Threat Management UTM Firewall formerly SnapGear is prone to a cross-site scripting vulnerability because the device's web interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Cross-site Scripting (XSS) Vulnerabilities in odCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in odCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in odCMS 1.1 The vulnerability exists due to input sanitation error in the "content" parameter in...

JForum 2.1.8 - 'Username' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40880/info JForum is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

WordPress Plugin Gigya Socialize 1.0/1.1.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/40582/info The Gigya Socialize Plugin for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

log1 CMS 2.0 - Session Handling Remote Security Bypass Remote File Inclusion

log1 CMS 2.0 - Session Handling Remote Security Bypass Remote File Inclusion source: https://www.securityfocus.com/bid/40636/info log1 CMS is prone to a security-bypass vulnerability because of a design flaw and a remote file-include vulnerability because it fails to properly sanitize user-suppli...

MoinMoin 1.x - 'PageEditor.py' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40549/info MoinMoin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

CMScout 2.08 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/40442/info CMScout is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...

PHP-Calendar 'description' and 'lastaction' Cross Site Scripting Vulnerabilities

PHP-Calendar is prone to Cross Site Scripting vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Joomla! 1.5.x - Multiple Modules 'search' Parameter Cross-Site Scripting Vulnerabilities

Joomla! 1.5.x Multiple Modules 'search' Parameter Cross-Site Scripting Vulnerabilities. CVE-2010-1649. Webapps exploit for php platform source: http://www.securityfocus.com/bid/40444/info Joomla! is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize...

Cross-site Scripting (XSS) Vulnerabilities in FlatNux CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in FlatNux CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in FlatNux CMS 1.1 The vulnerability exists due to input sanitation error in the "body"...

Cacti Multiple Cross Site Scripting Vulnerabilities

Cacti is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user- supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allo...

Ruubikcms 1.0.3 - index.php Cross-Site Scripting

Ruubikcms 1.0.3 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40375/info RuubikCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage thi...

Cisco DPC2100 2.0.2 r1256-060303 - Multiple Security Bypass Cross-Site Request Forgery Vulnerabilities

Cisco DPC2100 2.0.2 r1256-060303 - Multiple Security Bypass Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/40346/info Cisco DPC2100 formerly Scientific Atlanta DPC2100 is prone to multiple security-bypass and cross-site request-forgery vulnerabilities...

Getsimple CMS 2.01 - 'components.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40374/info GetSimple CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Shopzilla Affiliate Script PHP - search.php Cross-Site Scripting

Shopzilla Affiliate Script PHP - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40246/info Shopzilla Affiliate Script PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

C99Shell 1.0 Pre-Release build 16 (Web Shell) - 'ch99.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40134/info C99Shell is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...