[KAPDA::#31] - Runcms 1.x Cross_Site_Scripting vulnerability in bigshow.php

KAPDA::31 - Runcms 1.x CrossSiteScripting vulnerability in bigshow.php KAPDA New advisory Vulnerable products : Runcms 1.x Vendor: www.runcms.org Risk: Low Vulnerabilities: CrossSiteScripting Discoverd by Roozbeh Afrasiabi roozbehatyahoodotcom www.kapda.ir www.persiax.com Date :...

Qto File Manager 1.0 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18510/info Qto file manager is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...

HitHost 1.0 - 'viewuser.php?hits' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17025/info HitHost is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in th...

Bitweaver 1.1/1.2 - 'Title' HTML Injection

source: https://www.securityfocus.com/bid/16973/info The bitweaver application is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in...

Game-Panel 2.6 - 'login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16979/info Game-Panel is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. An attacker may leverage this iss...

DVGuestbook 1.0/1.2.2 - 'dv_gbook.php?f' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16968/info DVGuestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed i...

phpArcadeScript 2.0 browse.php Multiple Parameter XSS

phpArcadeScript 2.0 browse.php Multiple Parameter XSS. CVE-2006-1082. Webapps exploit for php platform source: http://www.securityfocus.com/bid/16957/info phpArcadeScript is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of...

CutePHP CuteNews 1.4.1 - index.php Cross-Site Scripting

CutePHP CuteNews 1.4.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16961/info CuteNews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically...

phpArcadeScript 2.0 tellafriend.php gamename Parameter XSS

phpArcadeScript 2.0 tellafriend.php gamename Parameter XSS. CVE-2006-1082. Webapps exploit for php platform source: http://www.securityfocus.com/bid/16957/info phpArcadeScript is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of...

SpeedTouchXSS.txt

TITLE: Thomson SpeedTouch 500 series vulnerable to XSS CRITICAL: Less critical IMPACT: Cross Site Scripting SOFTWARE: SpeedTouch 5.3.2.6.0 DESCRIPTION: There consists a vulnerability in the SpeedTouch modems, which can be exploited by malicious people to conduct cross-site scripting attacks, and...

QwikiWiki 1.4 - index.php Cross-Site Scripting

QwikiWiki 1.4 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16874/info QwikiWiki is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

Woltlab Burning Board 1.1.12.x - galerie_onfly.php Cross-Site Scripting

Woltlab Burning Board 1.1.12.x - galerieonfly.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16843/info Woltlab Burning Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker ma...

Woltlab Burning Board 1.1.12.x - galerie_index.php?Username Cross-Site Scripting

Woltlab Burning Board 1.1.12.x - galerieindex.php?Username Cross-Site Scripting source: https://www.securityfocus.com/bid/16843/info Woltlab Burning Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An...

Woltlab Burning Board 1.1.1/2.x - 'galerie_onfly.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16843/info Woltlab Burning Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the...

PEHEPE Membership Management System 3.0 - Sol_menu.php Cross-Site Scripting

PEHEPE Membership Management System 3.0 - Solmenu.php Cross-Site Scripting source: https://www.securityfocus.com/bid/16885/info PEHEPE Membership Management System is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplie...

runcmsXSS.txt

KAPDA::27 - Runcms 1.x CrossSiteScripting vulnerability KAPDA New advisory Vulnerable products : Runcms 1.x Vendor: www.runcms.org Risk: Low Vulnerabilities: CrossSiteScripting Discoverd by Roozbeh Afrasiabi roozbehatyahoodotcom www.kapda.ir www.persiax.com Date : -------------------- Found : Jan...

PEHEPE Membership Management System 3.0 - 'Sol_menu.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16885/info PEHEPE Membership Management System is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

Battleaxe Software BttlxeForum 2.0 - Failure.asp Cross-Site Scripting

Battleaxe Software BttlxeForum 2.0 - Failure.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/16821/info Battleaxe Software's bttlxeForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input...

NOCC 1.0 - no_mail.php?html_no_mail Cross-Site Scripting

NOCC 1.0 - nomail.php?htmlnomail Cross-Site Scripting source: https://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit the...

JGS-Gallery 4.0 - jgs_galerie_slideshow.php Multiple Cross-Site Scripting Vulnerabilities

JGS-Gallery 4.0 - jgsgalerieslideshow.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An...