UApplication Ublog Reload 1.0.5 - Trackback.asp Cross-Site Scripting

UApplication Ublog Reload 1.0.5 - Trackback.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13994/info Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...

ATutor 1.4.3 - contact.php?subject Cross-Site Scripting

ATutor 1.4.3 - contact.php?subject Cross-Site Scripting source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage an...

ATutor 1.4.3 - inboxindex.php?view Cross-Site Scripting

ATutor 1.4.3 - inboxindex.php?view Cross-Site Scripting source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage an...

ATutor 1.4.3 - subscribe_forum.php?us Cross-Site Scripting

ATutor 1.4.3 - subscribeforum.php?us Cross-Site Scripting source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

ATutor 1.4.3 - tile.php Multiple Cross-Site Scripting Vulnerabilities

ATutor 1.4.3 - tile.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker m...

ATutor 1.4.3 - 'content.php?cid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed...

ATutor 1.4.3 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed...

ATutor 1.4.3 - 'send_message.php?l' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed...

ATutor 1.4.3 - 'contact.php?subject' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed...

YaPiG 0.9x - view.php Cross-Site Scripting

YaPiG 0.9x - view.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13875/info YaPiG is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

[Full-disclosure] XSS Bug in Jaws Glossary Action: ViewTerm ( v 0.4 - 0.5.1 (latest version))

XSS Bug in Jaws Glossary v 0.4 - 0.5.1 latest version STATUS: The vendor has been contacted, fixed in cvs. Jaws is a Framework and Content Management System for building dynamic web sites. It aims to be User Friendly giving ease of use and lots of ways to customize web sites, but at the same time...

BEA WebLogic 7.0/8.1 - Administration Console LoginForm.jsp Cross-Site Scripting

source: https://www.securityfocus.com/bid/13793/info BEA WebLogic Server And WebLogic Express are affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'LoginForm.jsp' script. An attacker may leverage th...

BookReview 1.0 - 'suggest_review.htm?node' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

BookReview 1.0 - 'add_url.htm?node' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

Groove Virtual Office / Workspace Multiple Vulnerabilities

According the remote registry, the version of Groove Virtual Office or Groove Workspace on the remote host suffers from multiple vulnerabilities. Some of these flaws may allow for arbitrary script execution, disclosure of sensitive information, and denial of service, all from remote users. C...

CVE-2002-1662

CVE-2002-1662 corresponds to multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11. The issues allow remote attackers to execute arbitrary script on other clients via (1) search.php and (2) the "Your name" field during account registration. This is described in the NVD e...

CVE-2003-1204

Multiple cross-site scripting XSS vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via 1 the link parameter in sectionswindow.php, the directory parameter in 2 gallery.php, 3 navigation.php, or 4 uploadimage.php, the path...

Skull-Splitter Guestbook Multiple Field XSS

The remote version of this software is vulnerable to cross-site scripting attacks. Inserting special characters into the subject or message content can cause arbitrary script code execution for third-party users, thus resulting in a loss of integrity of their system. %NASLMINLEVEL 70300 This scri...

CVE-2004-1969

The avatar upload capability in Open Bulletin Board OpenBB 1.0.6 and earlier allows remote attackers to execute arbitrary script by uploading files that include scripting code such as Javascript...

CVE-2005-1337

Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI...