2326 matches found
Microsoft SharePoint Server 2007 '_layouts/help.aspx' Cross Site Scripting Vulnerability
Microsoft SharePoint Server 2007 and SharePoint Services 3.0 are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
PlantVisor Enhanced Unspecified Directory Traversal Vulnerability
PlantVisor Enhanced is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the context of the webserver. Information harvested may aid in launching further attacks...
Cogent DataHub Multiple Vulnerabilities - Active Check
Cogent DataHub is prone to a directory traversal vulnerability, an information disclosure vulnerability and to multiple buffer-overflow and integer-overflow vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...
PHP Support Tickets 'page' Parameter Remote PHP Code Execution Vulnerability - Active Check
PHP Support Tickets is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input.
Atutor AContent Multiple SQL Injection and XSS Vulnerabilities
Atutor AContent is prone to multiple cross site scripting and SQL injection vulnerabilities.
Hastymail2 < 1.1 RC1 Multiple XSS Vulnerabilities
Hastymail2 is prone to multiple cross-site scripting (XSS) vulnerabilities because it fails to sufficiently sanitize user-supplied data. Copyright (C) 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders...
Pandora FMS 'index.php' Cross Site Scripting Vulnerability
Pandora FMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker t...
NetSaro Enterprise Messenger Cross Site Scripting and HTML Injection Vulnerabilities
NetSaro Enterprise Messenger is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
WellinTech KingView 'KVWebSvr.dll' ActiveX Control Heap Buffer Overflow Vulnerability
KingView is prone to a buffer overflow vulnerability.
SQL-Ledger SQL Injection Vulnerability
LedgerSMB and SQL-Ledger are prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent...
Tourismscripts Hotel Portal - 'hotel_city' HTML Injection
source: https://www.securityfocus.com/bid/49297/info Hotel Portal is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to...
TotalShopUK 1.7.2 - index.php SQL Injection
source: https://www.securityfocus.com/bid/49263/info TotalShopUK is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacke...
OTRS Local File Disclosure Vulnerability (OSA-2011-03)
Open Ticket Request System (OTRS) is prone to a local file disclosure vulnerability.
phpWebSite XSS Vulnerability (Aug 2011) - Active Check
phpWebSite is prone to a cross-site scripting (XSS) vulnerability because it fails to properly sanitize user-supplied input.
Code Widgets DataBound Index Style Menu - 'category.asp' SQL Injection
source: https://www.securityfocus.com/bid/49208/info Code Widgets DataBound Index Style Menu is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
phpWebSite - 'page_id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/49176/info phpWebSite is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Ingate Firewall SIP Module Remote Denial of Service Vulnerability
Ingate Firewall is prone to a denial of service (DoS) vulnerability.
Lasernet CMS <= 1.5 SQLi Vulnerability - Active Check
Lasernet CMS is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
WordPress ProPlayer Plugin 'playlist-controller.php' Parameter SQL Injection Vulnerability
The ProPlayer plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Community Server <= 2008 XSS Vulnerability - Active Check
Community Server is prone to a cross-site scripting (XSS) vulnerability because it fails to sufficiently sanitize user-supplied data.