17 matches found
My Blog 1.63 BBCode HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16659/info My Blog is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplie...
WordPress WP-FeedStats 2.1 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25085/info The WP-FeedStats plugin for WordPress is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML...
Bit 5 Blog 8.1 AddComment.PHP HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16246/info Bit 5 Blog is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/54773/info Barracuda Email Security Service is prone to multiple HTML-injection vulnerabilities because it fails to properly validate user-supplied input. An attacker may leverage these issues to inject hostile HTML and script code that would run in the...
Micro CMS 1.0 - name HTML Injection (2)
Micro CMS 1.0 - name HTML Injection 2 source: https://www.securityfocus.com/bid/44300/info Micro CMS is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...
PHORTAIL 1.2.1 - 'poster.php' Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/34038/info PHORTAIL is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacke...
MagpieRSS 0.72 - CDATA HTML Injection
MagpieRSS 0.72 - CDATA HTML Injection source: https://www.securityfocus.com/bid/33044/info MagpieRSS is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and scri...
Power Phlogger 2.2.x - Cross-Site Scripting
source: https://www.securityfocus.com/bid/37150/info Power Phlogger is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. Attackers can exploit this issue to steal cookie-based authentication credentials or to control how the site...
Sage 1.3.6 - Input Validation
source: https://www.securityfocus.com/bid/19928/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code would execute in the context of t...
Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection
source: https://www.securityfocus.com/bid/14748/info Unclassified NewsBoard is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed i...
Foojan PHPWeblog - Html Injection
source: https://www.securityfocus.com/bid/14658/info Foojan PHPWeblog is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input. Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially...
Mensajeitor 1.8.9 - IP HTML Injection
Mensajeitor 1.8.9 - IP HTML Injection source: https://www.securityfocus.com/bid/14071/info Mensajeitor is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
Skull-Splitter Guestbook 1.02.02.2 - Multiple HTML Injection Vulnerabilities
Skull-Splitter Guestbook 1.02.02.2 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/13632/info Skull-Splitter Guestbook is prone to multiple HTML injection vulnerabilities. It is possible to inject HTML and script code into the title and content of posted...
CodetoSell ViArt Shop Enterprise 2.1.6 - reviews.php Multiple Cross-Site Scripting Vulnerabilities
CodetoSell ViArt Shop Enterprise 2.1.6 - reviews.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13462/info ViArt Shop is affected by multiple cross-site scripting and HTML injection vulnerabilities. These issues are due to a failure in the application ...
427BB 2.x - Multiple Remote HTML Injection Vulnerabilities
427BB 2.x - Multiple Remote HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/12693/info 427BB is reportedly affected by multiple remote HTML injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it...
OOApp Guestbook - Multiple HTML Injection Vulnerabilities
OOApp Guestbook - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/12647/info OOApp Guestbook is reportedly affected by multiple HTML injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input. The...
OOApp Guestbook - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/12647/info OOApp Guestbook is reportedly affected by multiple HTML injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input. The attacker-supplied HTML and script code would be able to access...