Profi Einzelgebots Auktions System Cross Site Scripting

x Author: Andrea Bocchetti x Homepage : www.geekit.it // Software Info Name : Profi Einzelgebots Auktions System Demo : http://hiweb-wiesbaden.de/hammerdealv3/ Price : 399.99 Exploit : http://www.site.com/hammerdealv3/suche.php This script is possibly vulnerable to Cross Site Scripting XSS attack...

Piwik 0.5.5 - form_url Cross-Site Scripting

Piwik 0.5.5 - formurl Cross-Site Scripting source: https://www.securityfocus.com/bid/39144/info Piwik is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser ...

Piwik 0.5.5 - 'form_url' Cross-Site Scripting

source: https://www.securityfocus.com/bid/39144/info Piwik is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

Astaro Security Linux 5 - index.fpl Cross-Site Scripting

Astaro Security Linux 5 - index.fpl Cross-Site Scripting source: https://www.securityfocus.com/bid/38893/info Astaro Security Linux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

agXchange ESM - ucquerydetails.jsp Cross-Site Scripting

agXchange ESM - ucquerydetails.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/38896/info agXchange ESM is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script co...

vBulletin 4.0.2 - Search Cross-Site Scripting

vBulletin 4.0.2 - Search Cross-Site Scripting source: https://www.securityfocus.com/bid/38895/info vBulletin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities

PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/38867/info PHPWind is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execu...

PHPWind 6.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/38867/info PHPWind is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

ViewVC 'lib/viewvc.py' Cross Site Scripting Vulnerability

ViewVC is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based...

(Multiple Products) - banner.swf Cross-Site Scripting

Multiple Products - banner.swf Cross-Site Scripting source: https://www.securityfocus.com/bid/38732/info Multiple products are prone to a cross-site scripting vulnerability because the applications fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute...

Dojo Toolkit 1.4.1 - dijittests_testCommon.js?theme Cross-Site Scripting

Dojo Toolkit 1.4.1 - dijitteststestCommon.js?theme Cross-Site Scripting source: https://www.securityfocus.com/bid/38739/info Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execut...

Dojo Toolkit 1.4.1 - dohrunner.html Multiple Cross-Site Scripting Vulnerabilities

Dojo Toolkit 1.4.1 - dohrunner.html Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/38739/info Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues...

Andromeda 1.9.2 - 's' Cross-Site Scripting / Session Fixation

source: https://www.securityfocus.com/bid/38735/info Andromeda is prone to a cross-site scripting vulnerability and a session-fixation vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site a...

Dojo Toolkit 1.4.1 - '/dijit/tests/_testCommon.js?theme' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38739/info Dojo is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

(Multiple Products) - 'banner.swf' Cross-Site Scripting

source: https://www.securityfocus.com/bid/38732/info Multiple products are prone to a cross-site scripting vulnerability because the applications fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

Joomla! Component com_d-greinar - maintree Cross-Site Scripting

Joomla! Component comd-greinar - maintree Cross-Site Scripting source: https://www.securityfocus.com/bid/38714/info The Joomla! 'comd-greinar' component is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue ...

pMyAdmin 3.3.5.1 - db_create.php Cross-Site Scripting

pMyAdmin 3.3.5.1 - dbcreate.php Cross-Site Scripting source: https://www.securityfocus.com/bid/38707/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code ...

[xss] a xss on "threadid" parameter in BBSMAX

i found a xss on "threadid" parameter in "post.aspx" in BBSMAX , it's "post.aspx?action=reply&threadid=" Vulnerable: BBSMAX 4.2 BBSMAX 4.1 BBSMAX 3.0 For example: http://bbs.example.com/forum1/post.aspx?action=reply&threadid="scriptalert/liscker/;/script BBSMAX Home Page : http://www.bbsmax.com/...

DDL CMS 2.1 - blacklist.php Cross-Site Scripting

DDL CMS 2.1 - blacklist.php Cross-Site Scripting source: https://www.securityfocus.com/bid/38643/info DDL CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Max Network Technology BBSMAX 4.2 - threadid Cross-Site Scripting

Max Network Technology BBSMAX 4.2 - threadid Cross-Site Scripting source: https://www.securityfocus.com/bid/38630/info Max Network Technology BBSMAX is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...