OpManager 6/7 ping.do name Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

fipsShop Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21289/info fipsShop is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

Bookmark4U 2.0 inc/common.php env[include_prefix] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18281/info Bookmark4U is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

HotNews 0.x hotnews-engine.inc.php3 config[header] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/9357/info HotNews is prone to multiple file include vulnerabilities. This will permit remote attackers to cause malicious PHP scripts from attacker-controlled servers to be included and subsequently executed in the contex...

Inside Systems Mail 2.0 Error.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21424/info Inside Systems Mail is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

Ripe Website Manager 0.8.x pages/delete_page.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/25406/info Ripe Website Manager is prone to multiple input-validation vulnerabilities, including HTML- and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication...

Shadowed Portal 5.7 Load.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17430/info Shadowed Portal is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...

phpMyAdmin <= 3.3.0 'db' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35531/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

FlashChat F_CMS 4.7.9 Parameter Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24190/info FlashChat is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to execute an arbitrary...

Cisco Aironet AP1x00 Malformed HTTP GET Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8290/info Cisco Aironet AP1x00 series devices are prone to a denial of service vulnerability upon receipt of a malformed HTTP GET request. Such a request will cause the device to reload. !/usr/bin/perl Cisco Global...

PHP JackKnife 2.21 (PHPJK) UserArea/Authenticate.php sUName Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24253/info PHP JackKnife is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. Exploiting these issues could allow an attacker to steal cookie-based authentication...

WebKit Floating Point Number Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36023/info WebKit is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a...

Imagevue r16 'amount' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37557/info Imagevue is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

VBZoom 1.0/1.11 login.php UserID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14423/info VBZooM Forum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issue...

Blog Manager inc_webblogmanager.asp CategoryID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues coul...

ProjectPier 0.8 Multiple HTML Injection and Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27857/info ProjectPier is prone to multiple HTML-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

Microsoft IIS 5.0 IDC Extension Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5900/info A vulnerability in Microsoft Internet Information Server IIS may make cross-site scripting attacks possible. When IIS receives a request for an .idc file, the server typically returns a 404 message when the page...

PhpWebGallery 1.3.4/1.5.1 category.php search Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15837/info PhpWebGallery is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attack...

Fuctweb CapCC Plugin 1.0 for WordPress CAPTCHA Security Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37103/info Fuctweb CapCC Plugin for WordPress is prone to a security-bypass vulnerability that occurs in the audio CAPTCHA protocol. Successful exploits may allow attackers to bypass security restrictions and perform...

V-webmail 1.6.4 includes/email.list.search.php CONFIG[includes] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and t...