Zoomblog HTML Injection Vulnerability

DESCRIPTION Zoomblog is prone to HTML injection attacks. It is possible for a malicious Zoomblog user to inject hostile HTML and script code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of Zoomblog. Zoomblog does not adequate...

ICECast XSS

The remote server runs a version of ICECast which is as old as or older than version 1.3.12. This version is affected by a cross-site scripting vulnerability in the status display functionality. This issue is due to a failure of the application to properly sanitize user-supplied input. As a resul...

CactuShop XSS and SQL injection flaws

The remote host runs CactuShop, an e-commerce web application written in ASP. The remote version of this software is vulnerable to cross-site scripting due to a lack of sanitization of user-supplied data in the script 'popuplargeimage.asp'. Successful exploitation of this issue may allow an...

ASP-DEv XM Forum IMG Tag Script Injection Vulnerability

The remote web server contains an ASP script which is vulnerable to a cross site scripting issue. Description : The remote host appears to be running the ASP-DEV XM Forum. There is a flaw in the remote software which may allow anyone to inject arbitrary HTML and script code through the BBCode IMG...

BlackBoard Internet Newsboard System remote file include flaw

The remote version of BlackBoard Internet Newsboard System is vulnerable to a remote file include flaw due to a lack of sanitization of user-supplied data. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

BasiliX Message Content Script Injection Vulnerability

The remote web server contains PHP scripts that are prone to cross-site scripting attacks. Description : The remote host appears to be running a BasiliX version 1.1.0 or lower. Such versions are vulnerable to cross-scripting attacks since they do not filter HTML tags when showing a message. As a...

vBulletin < 2.3.6, 3.0.x < 3.0.6 XSS Vulnerability

vBulletin is vulnerable to a cross-site scripting XSS issue, due to a failure of the application to properly sanitize user-supplied URI input. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective rig...

RM SafetyNet Plus XSS

The remote host runs SafetyNet Plus, a popular educational filtering service. This version is vulnerable to multiple cross-site scripting due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to execute malicious script code on a vulnerab...

FuseTalk forum XSS

The remote host is using FuseTalk, a web based discussion forum. A vulnerability exists in the script SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Simple PHP Blog 0.4 - &#039;colors.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed i...

Simple PHP Blog 0.4 - colors.php Multiple Cross-Site Scripting Vulnerabilities

Simple PHP Blog 0.4 - colors.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

Simple PHP Blog 0.4 - preview_static_cgi.php Multiple Cross-Site Scripting Vulnerabilities

Simple PHP Blog 0.4 - previewstaticcgi.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize...

Snitz Forum 2000 - &#039;post.asp&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/15241/info Snitz Forum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser ...

Snitz Forum 2000 - post.asp Cross-Site Scripting

Snitz Forum 2000 - post.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15241/info Snitz Forum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to ha...

phpMyAdmin 2.7 - sql.php Cross-Site Scripting

phpMyAdmin 2.7 - sql.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17487/info PHPMyAdmin is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

phpFaber CMS 1.3.36 - Htmlarea.php Cross-Site Scripting

phpFaber CMS 1.3.36 - Htmlarea.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20821/info phpFaber CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

sparkleBlogXSS.txt

SparkleBlog is prone to HTMl injection attacks. It is possible for a malicious SparkleBlog user to inject hostile HTML script code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of SparkleBlog. SparkleBlog does not adequately...

ASP Fast Forum - error.asp Cross-Site Scripting

ASP Fast Forum - error.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15233/info ASP Fast Forum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

PBLang 4.65 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/15223/info PBLang is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the...

RSA ACE Agent 5.x - Image Cross-Site Scripting

source: https://www.securityfocus.com/bid/15206/info RSA ACE Agent is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user i...