65 matches found
UebiMiau 2.7.10 - demopop3error.php?selected_theme Cross-Site Scripting
UebiMiau 2.7.10 - demopop3error.php?selectedtheme Cross-Site Scripting source: https://www.securityfocus.com/bid/24210/info Uebimiau is prone to multiple input-validation vulnerabilities, including cross-site scripting issues and an information-disclosure issue, because the application fails to...
DeskPro 2.0.1 - 'login.php' HTML Injection
source: https://www.securityfocus.com/bid/23381/info DeskPRO is prone to an HTML-injection scripting vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing...
QuizShock 1.6.1 - 'auth.php' HTML Injection
source: https://www.securityfocus.com/bid/23368/info QuizShock is prone to an HTML-injection scripting vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowi...
phpMyAdmin 2.x - Multiple Script Array Handling Full Path Disclosures
phpMyAdmin 2.x - Multiple Script Array Handling Full Path Disclosures source: https://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure...
Sage 1.3.6 - Input Validation
source: https://www.securityfocus.com/bid/19928/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code would execute in the context of t...
Five Star Review Script - 'report.php?item_id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18390/info Five Star Review Script is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to run arbitrary HTML and script code in the browser of a...
Easy File Sharing Web Server 3.2 - Full Path Request Arbitrary File Upload
Easy File Sharing Web Server 3.2 - Full Path Request Arbitrary File Upload source: https://www.securityfocus.com/bid/17046/info Easy File Sharing Web Server is prone to multiple input-validation vulnerabilities. The application fails to properly sanitize user-supplied input before using it in...
PostNuke 0.6x0.7x NS-Languages Module - language SQL Injection
PostNuke 0.6x0.7x NS-Languages Module - language SQL Injection source: https://www.securityfocus.com/bid/16752/info PostNuke is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. Successful exploitation...
PostNuke 0.6x/0.7x NS-Languages Module - 'language' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16752/info PostNuke is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. Successful exploitation could allow an attacker to compromise the application, access or...
sNews - index.php Multiple SQL Injections
sNews - index.php Multiple SQL Injections source: https://www.securityfocus.com/bid/16647/info sNews is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabiliti...
sNews - 'index.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/16647/info sNews is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could allow an attacker to compromise t...
PHP-Nuke News Submission Story - Text Field Cross-Site Scripting
PHP-Nuke News Submission Story - Text Field Cross-Site Scripting source: https://www.securityfocus.com/bid/16192/info The PHPNuke Pool and News Modules are prone to an HTML injection vulnerability. This issue is due to a failure in the application modules to properly sanitize user-supplied input...
Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities
Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/16002/info Beehive Forum is prone to multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in...
Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection
source: https://www.securityfocus.com/bid/14748/info Unclassified NewsBoard is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed i...
Foojan PHPWeblog - Html Injection
source: https://www.securityfocus.com/bid/14658/info Foojan PHPWeblog is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input. Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially...
Soft4e ECW-Shop 6.0.2 - 'index.php' HTML Injection
source: https://www.securityfocus.com/bid/14579/info ECW Shop is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
Mensajeitor 1.8.9 - IP HTML Injection
Mensajeitor 1.8.9 - IP HTML Injection source: https://www.securityfocus.com/bid/14071/info Mensajeitor is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
Skull-Splitter Guestbook 1.02.02.2 - Multiple HTML Injection Vulnerabilities
Skull-Splitter Guestbook 1.02.02.2 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/13632/info Skull-Splitter Guestbook is prone to multiple HTML injection vulnerabilities. It is possible to inject HTML and script code into the title and content of posted...
CodetoSell ViArt Shop Enterprise 2.1.6 - reviews.php Multiple Cross-Site Scripting Vulnerabilities
CodetoSell ViArt Shop Enterprise 2.1.6 - reviews.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13462/info ViArt Shop is affected by multiple cross-site scripting and HTML injection vulnerabilities. These issues are due to a failure in the application ...
PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities
PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/12828/info PunBB is reportedly affected by multiple HTML injection vulnerabilities. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also...