6712 matches found
FishCart 3.1 - 'display.php?nlst' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13499/info FishCart is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit of the SQL-injection issues could allow an attacker to compromise...
CVE-2005-1154
Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution."...
CVE-2005-1191
The Web View DLL webvw.dll, as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe "'" in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when t...
security flaw
Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution."...
GrayCMS 1.1 - error.php Remote File Inclusion
GrayCMS 1.1 - error.php Remote File Inclusion source: https://www.securityfocus.com/bid/13381/info GrayCMS is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute...
GLSA-200504-23 : Kommander: Insecure remote script execution
The remote host is affected by the vulnerability described in GLSA-200504-23 Kommander: Insecure remote script execution Kommander executes data files from possibly untrusted locations without user confirmation. Impact : An attacker could exploit this to execute arbitrary code with the permission...
phpBB 2.0.x - viewtopic.php Cross-Site Scripting
phpBB 2.0.x - viewtopic.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13345/info phpBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
CartWIZ 1.10 - TellAFriend.asp Cross-Site Scripting
CartWIZ 1.10 - TellAFriend.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13336/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to hav...
CartWIZ 1.10 - 'Access.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13338/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
CartWIZ 1.10 - 'searchresults.asp' Name Argument Cross-Site Scripting
source: https://www.securityfocus.com/bid/13343/info CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
ASPNuke 0.80 - Select.asp Cross-Site Scripting
ASPNuke 0.80 - Select.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13320/info ASPNuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
ASPNuke 0.80 - profile.asp Cross-Site Scripting
ASPNuke 0.80 - profile.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13319/info ASPNuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
security flaw
Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution."...
ProfitCode Software PayProCart 3.0 - AdminShop MMActionComm Cross-Site Scripting
ProfitCode Software PayProCart 3.0 - AdminShop MMActionComm Cross-Site Scripting source: https://www.securityfocus.com/bid/13309/info PayProCart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacke...
ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting
ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting source: https://www.securityfocus.com/bid/13305/info PayProCart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...
ProfitCode Software PayProCart 3.0 - AdminShop HDoc Cross-Site Scripting
source: https://www.securityfocus.com/bid/13305/info PayProCart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...
CVE-2005-1191
Summary : CVE-2005-1191 affects the Web View DLL (webvw.dll) used by Windows Explorer on Windows 2000. The flaw arises from insufficient validation of the Author field in file metadata, allowing an attacker to craft a name that, when Web View creates a mailto: link in the preview pane, results in...
CityPost PHP Image Editor M1M2M3ImgsrcM4 - URI Cross-Site Scripting
CityPost PHP Image Editor M1M2M3ImgsrcM4 - URI Cross-Site Scripting source: https://www.securityfocus.com/bid/13256/info source: https://www.securityfocus.com/bid/13257/info source: https://www.securityfocus.com/bid/13258/info source: https://www.securityfocus.com/bid/13259/info source:...
OneWorldStore - DisplayResults.asp Cross-Site Scripting
OneWorldStore - DisplayResults.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13251/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...
MVNForum 1.0 - Search Cross-Site Scripting
MVNForum 1.0 - Search Cross-Site Scripting source: https://www.securityfocus.com/bid/13213/info mvnForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...