6666 matches found
Invision Power Board (IP.Board) 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabilities
source: https://www.securityfocus.com/bid/34725/info Invision Power Board is prone to an information-disclosure issue and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to determine path information or to...
Mozilla (Multiple Products) - Server Refresh Header Cross-Site Scripting
Mozilla Multiple Products - Server Refresh Header Cross-Site Scripting source: https://www.securityfocus.com/bid/34656/info The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey. Attackers can exploit these issue...
Mozilla (Multiple Products) - Server Refresh Header Cross-Site Scripting
source: https://www.securityfocus.com/bid/34656/info The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey. Attackers can exploit these issues to bypass same-origin restrictions, obtain potentially sensitive...
moinmoin -- cross-site scripting vulnerabilities
Secunia reports: Input passed via multiple parameters to action/AttachFile.py is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site...
Online Contact Manager 3.0 - email.php?id Cross-Site Scripting
Online Contact Manager 3.0 - email.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues ...
Online Contact Manager 3.0 - index.php?showGroup Cross-Site Scripting
Online Contact Manager 3.0 - index.php?showGroup Cross-Site Scripting source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these...
Online Contact Manager 3.0 - 'email.php?id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
RedHat Stronghold Web Server 2.3 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/34606/info Red Hat Stronghold Web Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...
Apache Geronimo 2.1.x - consoleportal URI Cross-Site Scripting
Apache Geronimo 2.1.x - consoleportal URI Cross-Site Scripting source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple...
Apache Geronimo 2.1.x - Cross-Site Request Forgery (Multiple Admin Function)
Apache Geronimo 2.1.x - Cross-Site Request Forgery Multiple Admin Function source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability -...
RazorCMS 0.3RC2 - Multiple Vulnerabilities
RazorCMS 0.3RC2 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/34566/info razorCMS is prone to a local information-disclosure vulnerability, a local access-validation vulnerability, a security-bypass vulnerability, and multiple cross-site-scripting vulnerabilities. Attackers...
Apache Geronimo 2.1.x - Cross-Site Request Forgery (Multiple Admin Function)
source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple HTML-injection vulnerabilities - A cross-site request-forgery...
Apache Geronimo 2.1.x - '/console/portal/Server/Monitoring' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple HTML-injection vulnerabilities - A cross-site request-forgery...
Novell Teaming 1.0 - User Enumeration Multiple Cross-Site Scripting Vulnerabilities
Novell Teaming 1.0 - User Enumeration Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/34531/info Novell Teaming is prone to a user-enumeration weakness and multiple cross-site scripting vulnerabilities. A remote attacker can exploit the user-enumeration...
Microsoft ISA Server and Forefront Threat Management Gateway Cross-Site Scripting Vulnerability
Description Microsoft ISA Internet Security and Acceleration Server and Forefront Threat Management Gateway TMG are prone to a cross-site scripting vulnerability because the software fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script co...
Banshee 1.4.2 DAAP Extension - appswebvs_diag.cgi Cross-Site Scripting
Banshee 1.4.2 DAAP Extension - appswebvsdiag.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/34507/info Banshee DAAP Extension is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...
Banshee 1.4.2 DAAP Extension - '/apps/web/vs_diag.cgi' Cross-Site Scripting
source: https://www.securityfocus.com/bid/34507/info Banshee DAAP Extension is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...
MoziloCMS Local File Include and Cross Site Scripting Vulnerabilities
MoziloCMS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...
MoziloCMS Local File Include and Cross Site Scripting Vulnerabilities
MoziloCMS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Horde Turba 'services/obrowser/index.php' HTML Injection Vulnerability
Horde Turba is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to...