PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities

PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17688/info phpWebFTP is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input using the HTTP 'POST'...

NextAge Shopping Cart - Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/17685/info NextAge Shopping Cart is prone to multiple HTML-injection vulnerabilities; the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed...

Instant Photo Gallery 1.0 - 'member.php?member' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17696/info Instant Photo Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is the next-generation web browser from the Mozilla project. Description Several vulnerabilities were found in Mozilla Firefox. Versions 1.0.8 and 1.5.0.2 were released to fix them. Impact A remote attacker could craft malicious web pages that would leverage these issue...

phpldapadmin -- Cross-Site Scripting and Script Insertion vulnerabilities

Secunia reports: phpLDAPadmin have some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1 Some input isn't properly sanitised before being returned to the user. This can be exploited to...

phpLDAPadmin 0.9.8 - compare_form.php Cross-Site Scripting

phpLDAPadmin 0.9.8 - compareform.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit...

phpLDAPadmin 0.9.8 - template_engine.php Cross-Site Scripting

phpLDAPadmin 0.9.8 - templateengine.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can...

phpLDAPadmin 0.9.8 - rename_form.php Cross-Site Scripting

phpLDAPadmin 0.9.8 - renameform.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit...

phpLDAPadmin 0.9.8 - search.php Cross-Site Scripting

phpLDAPadmin 0.9.8 - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit thes...

phpLDAPadmin 0.9.8 - 'template_engine.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary HTML and script code in...

phpLDAPadmin 0.9.8 - 'compare_form.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary HTML and script code in...

MS06-017: FrontPage fpadmdll.dll Multiple Parameter XSS (917627)

The version of Microsoft FrontPage Server Extensions 2002 / SharePoint Team Services on the remote host is affected by a cross-site scripting XSS vulnerability due to improper sanitization of user-supplied input to the 'operation', 'command', and 'name' parameters to file...

[eVuln] MWGuest XSS Vulnerability

New eVuln Advisory: MWGuest XSS Vulnerability http://evuln.com/vulns/122/summary.html --------------------Summary---------------- eVuln ID: EV0122 Vendor: Manic Web Software: MWGuest Sowtware's Web Site: http://www.manicweb.co.uk/ Versions: 2.1.0 Critical Level: Harmless Type: Cross-Site Scriptin...

W2B Online Banking - SID Cross-Site Scripting

W2B Online Banking - SID Cross-Site Scripting source: https://www.securityfocus.com/bid/17626/info W2B Online Banking is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue t...

ThWboard 3.0 - index.php Cross-Site Scripting

ThWboard 3.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17627/info ThWboard is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

ThWboard 3.0 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17627/info ThWboard is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...

Portal Pack 6.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/17628/info Portal Pack is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed i...

W2B Online Banking - 'SID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17626/info W2B Online Banking is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

Manic Web MWGuest 2.1 - 'MWguest.php' HTML Injection

source: https://www.securityfocus.com/bid/17630/info MWGuest is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context...

CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting

CutePHP CuteNews 1.4.1 Editnews Module - Cross-Site Scripting source: https://www.securityfocus.com/bid/17592/info CuteNews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...