MVNForum 1.0 - Search Cross-Site Scripting

source: https://www.securityfocus.com/bid/13213/info mvnForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...

RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting

RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/13168/info A remote cross-site scripting vulnerability affects the RSA Security RSA Authentication Agent for Web. This issue is due to a failure of the application to properly saniti...

Microsoft Windows - HTA Script Execution (MS05-016)

Microsoft Windows - HTA Script Execution MS05-016 / Changed date in db to place it on the main page instead of it being bumped off /str0ke / /++ MS05-016 POC Made By ZwelL [email protected] 2005.4.13 All information from : http://www.securityfocus.net/archive/1/395563/2005-04-10/2005-04-16/0 You nee...

OneWorldStore - OWListProduct.asp Cross-Site Scripting

OneWorldStore - OWListProduct.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13185/info OneWorldStore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this iss...

All4WWW-HomePageCreator 1.0 - index.php Remote File Inclusion

All4WWW-HomePageCreator 1.0 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/13169/info All4WWW-Homepagecreator is affected by an arbitrary remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input befo...

Microsoft Windows - 'HTA' Script Execution (MS05-016)

/ Changed date in db to place it on the main page instead of it being bumped off /str0ke / /++ MS05-016 POC Made By ZwelL [email protected] 2005.4.13 All information from : http://www.securityfocus.net/archive/1/395563/2005-04-10/2005-04-16/0 You need make a .hta file to use it. Like: set...

iDEFENSE Security Advisory 04.12.05: Microsoft MSHTA Script Execution Vulnerability

Microsoft MSHTA Script Execution Vulnerability iDEFENSE Security Advisory 04.12.05 www.idefense.com/application/poi/display?id=231&type=vulnerabilities April 12, 2005 I. BACKGROUND Microsoft HTML Application Host MSHTA is part of the Microsoft Windows operating system and is needed to execute .HT...

Comersus Cart 4.05.0 - Comersus_Search_Item.asp Cross-Site Scripting

Comersus Cart 4.05.0 - ComersusSearchItem.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13125/info Comersus Cart is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly validate user-supplied input. An attacker may...

Pinnacle Cart - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13138/info Pinnacle Cart is affected by a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...

Comersus Cart 4.0/5.0 - 'Comersus_Search_Item.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13125/info Comersus Cart is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly validate user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

XAMPP - 'Phonebook.php' Multiple Remote HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/13127/info XAMPP is prone to multiple remote HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may leverage these issues to execute...

PostNuke Phoenix 0.760 RC3 - 'OP' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13075/info A remote cross-site scripting vulnerability affects PostNuke. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may leverage this...

Active Auction House - sendpassword.asp Multiple Cross-Site Scripting Vulnerabilities

Active Auction House - sendpassword.asp Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13038/info Active Auction House is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly...

PHP-Nuke 7.6 - 'banners.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13026/info PHP-Nuke is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in t...

PHP-Nuke 7.6 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/13025/info PHP-Nuke is reportedly affected by multiple cross-site scripting vulnerabilities in the WebLinks Module. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...

Ocean12 Membership Manager Pro - Cross-Site Scripting

Ocean12 Membership Manager Pro - Cross-Site Scripting source: https://www.securityfocus.com/bid/13046/info Ocean12 Membership Manager Pro is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An...

SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities

SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/12984/info Multiple remote input validation vulnerabilities affect SonicWALL SOHO. These issues are due to a failure of the application to properly sanitize user-supplie...

Alstrasoft EPay Pro 2.0 - Remote File Inclusion

source: https://www.securityfocus.com/bid/12973/info EPay Pro is reported prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'view' parameter. An attacker may leverage this...

UApplication Ublog 1.0.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/12931/info Ublog is affected by a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentia...

CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/12930/info CPG Dragonfly is prone to multiple cross-site scripting vulnerabilities in various modules. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of...