Nuke BookMarks 0.6 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/12907/info Nuke Bookmarks is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based...

Dream4 Koobi CMS 4.2.3 - index.php Cross-Site Scripting

Dream4 Koobi CMS 4.2.3 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/12895/info Koobi CMS is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...

PHPSysInfo 2.02.3 - sensor_program Cross-Site Scripting

PHPSysInfo 2.02.3 - sensorprogram Cross-Site Scripting source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacke...

DigitalHive 2.0 - membres.php?mt Cross-Site Scripting

DigitalHive 2.0 - membres.php?mt Cross-Site Scripting source: https://www.securityfocus.com/bid/12883/info DigitalHive is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...

PHPSysInfo 2.0/2.3 - 'system_footer.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...

PHPSysInfo 2.0/2.3 - 'sensor_program' Cross-Site Scripting

source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...

DigitalHive 2.0 - 'msg.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/12883/info DigitalHive is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed i...

Interspire ArticleLive 2005 - NewComment Cross-Site Scripting

source: https://www.securityfocus.com/bid/12879/info Interspire ArticleLive 2005 is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

TRG News 3.0 Script - Remote File Inclusion

TRG News 3.0 Script - Remote File Inclusion source: https://www.securityfocus.com/bid/12855/info A remote file include vulnerability affects TRG News. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical functionality...

CzarNews 1.131.14 - headlines.php Remote File Inclusion

CzarNews 1.131.14 - headlines.php Remote File Inclusion source: https://www.securityfocus.com/bid/12857/info CzarNews is prone to a remote file-include vulnerability. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of th...

CoolForum 0.50.70.8 - avatar.php?img Cross-Site Scripting

CoolForum 0.50.70.8 - avatar.php?img Cross-Site Scripting source: https://www.securityfocus.com/bid/12852/info Multiple remote input validation vulnerabilities affect CoolForum. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carr...

[UNIX] Multiple Vulnerabilities in phpWebLog (Cross Site Scripting, File Inclusion)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

PHPOpenChat 2.3.4/3.0.1 - 'poc.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/12817/info PHPOpenChat is prone to multiple remote file-include vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate...

YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting

YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting source: https://www.securityfocus.com/bid/12756/info A remote cross-site scripting vulnerability affects YaBB. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically...

Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion

Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion source: https://www.securityfocus.com/bid/12735/info PHP Form Mail Script is prone to remote file include vulnerability. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the...

CuteNews <= 1.3.6 Multiple XSS

According to its version number, the remote host is running a version of CuteNews that allows an attacker to inject arbitrary script through the variables 'X-FORWARDED-FOR' or 'CLIENT-IP' when adding a comment. On one hand, an attacker can inject a client-side script to be executed by an...

CVE-2005-0591

CVE-2005-0591 affects Firefox prior to 1.0.1, allowing remote spoofing of the security and download modal dialogs (Firespoofing). Red Hat advisory RHSA-2005:176 and CentOS notes indicate that Firefox was updated and recommend upgrading to Mozilla 1.7.7 to remediate the issue.

phpMyAdmin 2.6 - Multiple Local File Inclusions

phpMyAdmin 2.6 - Multiple Local File Inclusions source: https://www.securityfocus.com/bid/12645/info phpMyAdmin is affected by multiple local file include vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP...

phpMyAdmin 2.6 - theme_right.css.php Multiple Cross-Site Scripting Vulnerabilities

phpMyAdmin 2.6 - themeright.css.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied...

phpMyAdmin 2.6 - Multiple Local File Inclusions

source: https://www.securityfocus.com/bid/12645/info phpMyAdmin is affected by multiple local file include vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP 'include', 'require', 'require-once', or similar...