72 matches found
OpenSolution Quick.Cart - Local File Inclusion / Cross-Site Scripting
source: https://www.securityfocus.com/bid/42182/info Quick.Cart is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using...
WebShop Hun 1.062s - '/index.php' Local File Inclusion / Cross-Site Scripting
source: https://www.securityfocus.com/bid/43429/info WebShop Hun is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversa...
Cross site scripting
Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long...
Sitekit CMS 6.6 - Request-call-back.html?ClickFrom Cross-Site Scripting
Sitekit CMS 6.6 - Request-call-back.html?ClickFrom Cross-Site Scripting source: https://www.securityfocus.com/bid/16016/info Sitekit CMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...
Tunez 1.21 - 'search.php?searchFor' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15548/info Tunez is prone to multiple input validation vulnerabilities. The application is affected by an SQL injection vulnerability and a cross-site scripting issue. Successful exploitation of the SQL injection issue could result in a compromise of the...
ModernGigabyte ModernBill 4.3 - C_CODE Cross-Site Scripting
ModernGigabyte ModernBill 4.3 - CCODE Cross-Site Scripting source: https://www.securityfocus.com/bid/13087/info ModernBill is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'ccode' parameter. This...
RHEL 2.1 / 3 : mozilla (RHSA-2004:110)
Updated Mozilla packages that fix vulnerabilities in S/MIME parsing as well as other issues and bugs are now available. Mozilla is a Web browser and mail reader, designed for standards compliance, performance and portability. Network Security Services (NSS) is a set of libraries designed to support...
Corsaire Security Advisory: PeopleSoft IScript XSS issue
-- Corsaire Security Advisory -- Title: PeopleSoft IScript XSS issue Date: 04.07.03 Application: PeopleTools 8.20/8.43 and prior Environment: Various Author: Glyn Geoghegan [email protected] Audience: General distribution Reference: c030704-004 -- Scope -- The aim of this document is to...
Cross site scripting in Onecenter forum 4.0
Issue: cross site scripting in Onecenter forum Affected Product: Onecenter forum 4.0 Description: Onecenter offers a free discussion forum hosted in the company's servers (forum.onecenter.com). Any user in the forum is identified by a cookie that contains nick, name, mail address and password...
Microsoft Internet Explorer 56 - FTP Web View Cross-Site Scripting
Microsoft Internet Explorer 56 - FTP Web View Cross-Site Scripting source: https://www.securityfocus.com/bid/4954/info A cross site scripting issue has been reported with some versions of Microsoft Internet Explorer for Windows. Under some configurations, data included within a FTP URL will be...
Stack Overflow in MSHTML.DLL
Stack Overflow in MSHTML.DLL Systems affected: Any program using MSHTML.DLL for HTML parsing (Internet Explorer, Outlook/Outlook Express and other HTML-enabled email readers). Reliably tested on IE4.0 and higher on any Windows system, with any service packs and patches. Older versions of MSHTML.DLL m...
CVE-2000-0597
Microsoft Office 2000 Excel and PowerPoint and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script...