Mozilla Firefox cross-site scripting vulnerability

Overview Mozilla Firefox, web browser from Mozilla Corporation and Mozilla Japan, contains a cross-site scripting vulnerability. Mozilla Firefox interprets HTML data improperly and activates event handlers for invalid HTML elements, leading to a cross-site scripting vulnerability. Impact An...

MailDwarf cross-site scripting vulnerability

Overview MailDwarf is a mail form CGI provided by HTML Dwarf. MailDwarf contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution...

Overlay Weaver cross-site scripting vulnerability

Overview Overlay Weaver is software for constructing and emulating overlay network. Overlay Weaver's DHT shell contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

Internet Explorer vulnerable in MHTML handling

Overview Internet Explorer is vulnerable in handling MHTML MIME Encapsulation of Aggregate HTML protocol, which allows an arbitrary script execution. When Internet Explorer accesses a website with the MHTML protocol, Internet Explorer processes the contents as MHTML data, ignoring their actual...

Internet Explorer vulnerable in handling MHTML protocol

Overview Internet Explorer is vulnerable in handling MHTML MIME Encapsulation of Aggregate HTML protocol, which allows the download dialog box to be bypassed. Some versions of Outlook Express are affected because the vulnerability is contained in Outlook Express component used by Internet Explore...

rktSNS cross-site scripting vulnerability

Overview rktSNS, an open source social networking service engine provided by rakuto.net, contains a cross-site scripting vulnerability. rktSNS, provided by rakuto.net, is open source software for community site construction. rktSNS contains a cross-site scripting vulnerability. Impact An arbitrar...

Cross-site scripting vulnerability in Apache HTTP Server "mod_imap" and "mod_imagemap"

Overview modimap and modimagemap modules of the Apache HTTP Server are vulnerable to cross-site scripting. The Apache HTTP Server is open source web server software. The Apache HTTP Server modules modimap and modimagemap provide server-side imagemap processing capability. The Apache HTTP Server...

Meneame cross-site scripting vulnerability

Overview Meneame, an open source social bookmark system, contains a cross-site scripting vulnerability. Meneame, an open-source web application to build social bookmark systems, contains a cross-site scripting vulnerability, as it does not properly handle output data. Impact A remote attacker cou...

Apache Tomcat sample web application cross-site scripting vulnerability

Overview Apache Tomcat, from the Apache Software Foundation, contains a cross-site scripting vulnerability in its sample program. Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page JSP technologies. jsp-examples, a sample web application...

sHTTPd cross-site scripting vulnerability

Overview sHTTPd, from Uchu Ninja Neko-dan, contains a cross-site scripting vulnerability. sHTTPd from Uchu Ninja Neko-dan is a web server for Windows. sHTTPd contains a cross-site scripting vunerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the...

Nessus report function vulnerable to arbitrary script execution

Overview Nessus scanning report in HTML format contains the target server's responses against Nessus scanning. Nessus fails to properly handle the responses. This may cause a script to be executed on a user's web browser when the user views the report. Nessus, a vulnerability scanner from Tenable...

Fulltext search CGI from futomi's CGI Cafe vulnerable to cross-site scripting

Overview Fulltext search CGI from futomi's CGI Cafe contains a cross-site scripting vulnerability. Fulltext search CGI, website search software from futomi's CGI Cafe, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution...

Lotus Domino cross-site scripting vulnerability

Overview IBM Lotus Domino contains a cross-site scripting vulnerability. IBM Lotus Domino is server software for Lotus Notes, groupware from IBM. Lotus Domino contains a cross-site scripting vulnerability. Impact An attacker could execute an arbitrary script on the web browser of a user who...

HttpLogger vulnerable to cross-site scripting

Overview KLab HttpLogger is vulnerable to cross-site scripting. Klab HttpLogger is full-text search software for web browser histories. HttpLogger is vulnerable to cross-site scripting. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Apply the...

Google Web Toolkit vulnerable to cross-site scripting

Overview Google Web Toolkit GWT is vulnerable to cross-site scripting. Google Web Toolkit GWT is an open source software development framework that allows web developers to create Ajax applications in Java. The benchmark reporting system in GWT is vulnerable to cross-site scripting. Impact An...

w3ml cross-site scripting vulnerability

Overview w3ml, a program used to display mailing list logs on the web site, contains a cross-site scripting vulnerability. Impact An arbitrary script could be executed on the user's web browser which may allow an attacker to steal cookie information. Solution None...

Wiki clone cross-site scripting vulnerability

Overview Some Wiki clones contain a vulnerability which could lead to cross-site scripting in their file attachment function. This could allow an attacker to execute an arbitrary script on the browser of a Wiki user. Impact An arbitrary script may be executed on the browser of the user who viewed...

osCommerce 2.1/2.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29055/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...

Chicomas 2.0.4 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29025/info ChiCoMaS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

CoronaMatrix phpAddressBook 2.0 - 'username' Cross-Site Scripting Vulnerability

CoronaMatrix phpAddressBook 2.0 'username' Cross Site Scripting Vulnerability. CVE-2008-6646. Webapps exploit for php platform source: http://www.securityfocus.com/bid/29005/info phpAddressBook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied...