SQLiteManager 1.2 - main.php Multiple HTML Injection Vulnerabilities

SQLiteManager 1.2 - main.php Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/22731/info SQLiteManager is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an...

PhotoStand 1.2 - index.php Cross-Site Scripting

PhotoStand 1.2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/22707/info PhotoStand is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

Active Calendar 1.2 - datam_2.php?css Cross-Site Scripting

Active Calendar 1.2 - datam2.php?css Cross-Site Scripting source: https://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

Active Calendar 1.2 - datajs.php?css Cross-Site Scripting

Active Calendar 1.2 - datajs.php?css Cross-Site Scripting source: https://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

Active Calendar 1.2 - '/data/mysqlevents.php?css' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Active Calendar 1.2 - '/data/y_2.php?css' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Active Calendar 1.2 - '/data/m_4.php?css' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Active Calendar 1.2 - '/data/flatevents.php?css' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Active Calendar 1.2 - '/data/y_3.php?css' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22705/info Active Calendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Shop Kit Plus - StyleCSS.php Local File Inclusion

Shop Kit Plus - StyleCSS.php Local File Inclusion source: https://www.securityfocus.com/bid/22697/info Shop Kit Plus is prone to a local file-include vulnerability because it fails to adequately sanitize user-supplied data. An attacker can exploit this vulnerability using directory-traversal...

Shop Kit Plus - 'StyleCSS.php' Local File Inclusion

source: https://www.securityfocus.com/bid/22697/info Shop Kit Plus is prone to a local file-include vulnerability because it fails to adequately sanitize user-supplied data. An attacker can exploit this vulnerability using directory-traversal strings to execute local script code in the context of...

CedStat 1.31 - index.php Cross-Site Scripting

CedStat 1.31 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/22653/info CedStat is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code ...

AbleDesign MyCalendar 2.20.3 - index.php Multiple Cross-Site Scripting Vulnerabilities

AbleDesign MyCalendar 2.20.3 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/22635/info MyCalendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage thes...

AbleDesign MyCalendar 2.20.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/22635/info MyCalendar is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Spyce 2.1.3 - docsexampleshandlervalidate.spy?x Cross-Site Scripting

Spyce 2.1.3 - docsexampleshandlervalidate.spy?x Cross-Site Scripting source: https://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to...

Spyce 2.1.3 - spyce/examples/automaton.spy Direct Request Error Message Information Disclosure

source: https://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Calendar Express - search.php Cross-Site Scripting

Calendar Express - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/22578/info Calendar Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

Deskpro 1.1 - 'faq.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/22577/info Deskpro is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

TaskFreak! 0.5.5 - error.php Cross-Site Scripting

TaskFreak! 0.5.5 - error.php Cross-Site Scripting source: https://www.securityfocus.com/bid/22537/info TaskFreak! is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...

EWay 4 - Default.APSX Cross-Site Scripting

EWay 4 - Default.APSX Cross-Site Scripting source: https://www.securityfocus.com/bid/22528/info eWay is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...