PHP-Stats 0.1.9.2 - 'WhoIs.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25275/info Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

Storesprite XSS vuln.

Storesprite XSS vuln. Vuln. discovered by : r0t Date: 10 August 2007 vendor:http://www.storesprite.com/ orginal advisory: http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html affected versions:Storesprite 7 and previous Storesprite contains a flaw that allows a remote Cross-Site...

OpenWebMail Multiple XSS vuln.

OpenWebMail Multiple XSS vuln. Vuln. discovered by : r0t Date: 2 August 2007 vendor:openwebmail.org orginal advisory: http://pridels-team.blogspot.com/2007/08/openwebmail-multiple-xss-vuln.html affected versions:2.52 20060831 and previous OpenWebMail contains multiple flaws that allows a remote...

FreeBSD : joomla -- multiple vulnerabilities (4872d9a7-4128-11dc-bdb0-0016179b2dd5)

A Secunia Advisory reports : joomla can be exploited to conduct session fixation attacks, cross-site scripting attacks or HTTP response splitting attacks. Certain unspecified input passed in comsearch, comcontent and modlogin is not properly sanitised before being returned to a user. This can be...

WebEvent 4.03 - Webevent.cgi Cross-Site Scripting

WebEvent 4.03 - Webevent.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/25148/info WebEvent is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

WebEvent 4.03 - 'Webevent.cgi' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25148/info WebEvent is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

FreeBSD : drupal -- Multiple XSS vulnerabilities (1f5b711b-3d0e-11dc-b3d3-0016179b2dd5)

The Drupal Project reports : Some server variables are not escaped consistently. When a malicious user is able to entice a victim to visit a specially crafted link or webpage, arbitrary HTML and script code can be injected and executed in the context of the victim's session on the targeted websit...

IT!CMS 0.2 - 'lang-en.php?wndtitle' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code ...

phpsysinfo-xss.txt

HSC PHPSysInfo Index.php Cross Site Scripting PhpSysInfo is a PHP script that displays information about the host being accessed. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the...

Bandersnatch 0.4 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/25094/info Bandersnatch is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These issues include multiple SQL-injections vulnerabilities and an HTML-injection vulnerability. A successful...

Nukedit 4.9.x - login.asp Cross-Site Scripting

Nukedit 4.9.x - login.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/25081/info Nukedit is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

WordPress Plugin WP-FeedStats 2.1 - HTML Injection

WordPress Plugin WP-FeedStats 2.1 - HTML Injection source: https://www.securityfocus.com/bid/25085/info The WP-FeedStats plugin for WordPress is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker...

Nukedit 4.9.x - 'login.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25081/info Nukedit is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

drupal -- Multiple cross-site scripting vulnerabilities

The Drupal Project reports: Some server variables are not escaped consistently. When a malicious user is able to entice a victim to visit a specially crafted link or webpage, arbitrary HTML and script code can be injected and executed in the context of the victim's session on the targeted website...

W1L3D4 philboard 0.3 - Cross-Site Scripting

W1L3D4 philboard 0.3 - Cross-Site Scripting source: https://www.securityfocus.com/bid/25055/info W1L3D4 Philboard is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...

cPanel 10.9.1 - Resname Cross-Site Scripting

cPanel 10.9.1 - Resname Cross-Site Scripting source: https://www.securityfocus.com/bid/25047/info cPanel is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...

ASP cvmatik 1.1 - Multiple HTML Injection Vulnerabilities

ASP cvmatik 1.1 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/25008/info Asp cvmatik is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content...

Alstrasoft Sms Text Messaging Enterprise 2.0 - adminmembersearch.php Multiple Cross-Site Scripting Vulnerabilities

Alstrasoft Sms Text Messaging Enterprise 2.0 - adminmembersearch.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/25022/info SMS Text Messaging Enterprise is prone to multiple cross-site scripting vulnerabilities because the application fails to properly...

Alstrasoft Sms Text Messaging Enterprise 2.0 - adminedituser.php?userid Cross-Site Scripting

Alstrasoft Sms Text Messaging Enterprise 2.0 - adminedituser.php?userid Cross-Site Scripting source: https://www.securityfocus.com/bid/25022/info SMS Text Messaging Enterprise is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplie...

Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities

Alstrasoft Video Share Enterprise 4.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/25019/info AlstraSoft Video Share Enterprise is affected by multiple input-validation vulnerabilities. These issues include multiple cross-site scripting vulnerabilities and...