14 matches found
iSupport 1.8 ticket_function.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/37380/info iDevSpot iSupport is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input An attacker may leverage these issues to execute arbitrary...
CentOS Update for cyrus-imapd CESA-2011:0859 centos5 x86_64
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
DFLabs PTK 1.0.5 Cross Site Request Forgery
+---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : DFLabs PTK = 1.0.5 Multiple Vulnerabilities Steal Authentication Credentials Date : 22-02-2012 Author : Ivano Binetti...
DFLabs PTK 1.0.5 - Steal Authentication Credentials
+---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : DFLabs PTK = 1.0.5 Multiple Vulnerabilities Steal Authentication Credentials Date : 22-02-2012 Author : Ivano Binetti...
Ziggurat Farsi CMS - 'id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39311/info Ziggurat Farsi CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
PHD Help Desk 1.43 - 'atributo.php?URL' Cross-Site Scripting
source: https://www.securityfocus.com/bid/37029/info PHD Help Desk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site,...
PG Matchmaking - 'services.php?show' Cross-Site Scripting
source: https://www.securityfocus.com/bid/35808/info PG Matchmaking is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user...
Tornado Knowledge Retrieval System 4.2 - 'p' Cross-Site Scripting
source: https://www.securityfocus.com/bid/29626/info Tornado Knowledge Retrieval System is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...
EsContacts 1.0 - login.php?msg Cross-Site Scripting
EsContacts 1.0 - login.php?msg Cross-Site Scripting source: https://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script...
Inventory Manager - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/21069/info Inventory Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied input. Successful exploits of these vulnerabiliti...
BandSite CMS 1.1 - 'news_content.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive information, execute arbitrary server-side...
PHP Pro Bid 5.2.4 - categories.php?orderType SQL Injection
PHP Pro Bid 5.2.4 - categories.php?orderType SQL Injection source: https://www.securityfocus.com/bid/19158/info PHP Pro Bid is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize...
V3 Chat Instant Messenger - mailindex.php?id Cross-Site Scripting
V3 Chat Instant Messenger - mailindex.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...
yMonda Thread-IT 1.6 - Multiple HTML Injections
yMonda Thread-IT 1.6 - Multiple HTML Injections source: https://www.securityfocus.com/bid/8692/info It has been reported that yMonda Thread-IT is prone to a HTML injection vulnerability that may allow an attacker to execute HTML code in a user's browser. The issue is reported to be present in the...