6666 matches found
CuteNews 1.4.5 - rss_title Cross-Site Scripting
CuteNews 1.4.5 - rsstitle Cross-Site Scripting source: https://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An...
Debian DSA-1208-1 : bugzilla - several vulnerabilities
Several remote vulnerabilities have been discovered in the Bugzilla bug tracking system, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4534 Javier Fernandez-Sanguino Pena discovered that insecure...
BirdBlog 1.4 - '/admin/admincore.php?msg' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21184/info BirdBlog is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...
Blog:CMS 4.1.3 - 'list.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21173/info BLOG:CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user i...
Eggblog 3.1 admin/comments.php edit Parameter XSS
Eggblog 3.1 admin/comments.php edit Parameter XSS. CVE-2006-6046. Webapps exploit for php platform source: http://www.securityfocus.com/bid/21134/info Eggblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...
BlogTorrent Preview 0.92 - Announce.php Cross-Site Scripting
BlogTorrent Preview 0.92 - Announce.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21125/info BlogTorrent Preview is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to hav...
Odysseus Blog 1.0 - blog.php Cross-Site Scripting
Odysseus Blog 1.0 - blog.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21128/info Odysseus Blog is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
BlogTorrent Preview 0.92 - 'Announce.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21125/info BlogTorrent Preview is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...
Selenium Web Server 1.0 - Cross-Site Scripting
Selenium Web Server 1.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/21100/info Biba Selenium Web Server is prone to a cross-site scripting because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
Yetihost Helm 3.2.10 - Multiple Cross-Site Scripting Vulnerabilities
Yetihost Helm 3.2.10 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21096/info Helm is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
Selenium Web Server 1.0 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/21100/info Biba Selenium Web Server is prone to a cross-site scripting because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting...
Plesk 7.5/8.0 - 'get_password.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21067/info Plesk is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to...
IBM Websphere 6.0 - Faultactor Cross-Site Scripting
IBM Websphere 6.0 - Faultactor Cross-Site Scripting source: https://www.securityfocus.com/bid/21018/info IBM WebSphere is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
Roundcube Webmail 0.1 - index.php Cross-Site Scripting
Roundcube Webmail 0.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21042/info Roundcube Webmail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script co...
cPanel 10 - newuser.html Multiple Cross-Site Scripting Vulnerabilities
cPanel 10 - newuser.html Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21027/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have...
DirectAdmin 1.281.29 - CMD_EMAIL_VACATION_MODIFY Cross-Site Scripting
DirectAdmin 1.281.29 - CMDEMAILVACATIONMODIFY Cross-Site Scripting source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
DirectAdmin 1.28/1.29 - 'CMD_TICKET_CREATE' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
DirectAdmin 1.28/1.29 - 'CMD_EMAIL_LIST' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
DirectAdmin 1.28/1.29 - 'CMD_TICKET' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
LandShop 0.6.3 - ls.php Multiple Cross-Site Scripting Vulnerabilities
LandShop 0.6.3 - ls.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/20989/info LandShop is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an...