OBLOG 'err.asp' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33416/info OBLOG is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

CactuSoft CactuShop 5.0/5.1 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10020/info Reportedly CactuShop is prone to a remote cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user supplied URI input. This issue could permit a remote...

FortiGate Firewall 2.x Policy Admin Interface XSS

No description provided by source. source: http://www.securityfocus.com/bid/9033/info Multiple cross-site scripting vulnerabilities have been reported in the FortiGate Firewall web administrative interface. These issues could be exploited by enticing an administrative user to follow a malicious...

SearchSimon Lite 1.0 Filename.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26142/info SearchSimon Lite is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...

Simple Message Board 2.0 beta1 Forum.CFM Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14266/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...

PABox 2.0 Post Icon HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12796/info paBox is reportedly affected by a HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. The...

Jax PHP Scripts 1.0/1.34/2.14/3.31 formmailer.log User Sent Mail Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...

Siteframe 2.2.4 search.php Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7140/info It has been reported that Siteframe does not sufficiently filter user supplied URI parameters on Siteframe pages. As a result of this deficiency, it is possible for a remote attacker to create a malicious link...

SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8517/info The 'wgate.dll' componenet of SAP Internet Transaction Server has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on data supplied to the...

Exponent CMS 0.95 Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12358/info Exponent is reported prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user facilitating thef...

DCP-Portal 5.3.1 Calendar.php Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7144/info It has been reported that DCP-Portal does not sufficiently filter URI parameters supplied to the DCP-Portal 'calender' script. As a result of this deficiency, it is possible for a remote attacker to create a...

HTB22952: XSS vulnerabilities in Noah's Classifieds

Vulnerability ID: HTB22952 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinnoahsclassifieds.html Product: Noah's Classifieds Vendor: Noah's Classifieds http://www.noahsclassifieds.org/ Vulnerable Version: 5.0.4 and probably prior versions Vendor Notification: 12 April 2011...

HTB22917: XSS vulnerabilities in phpCollab

Vulnerability ID: HTB22917 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinphpcollab.html Product: phpCollab Vendor: phpCollab Team http://www.php-collab.org/ Vulnerable Version: 2.5 and probably prior versions Vendor Notification: 24 March 2011 Vulnerability Type: Stored XSS Cross...

LotusCMS 3.0.3 - Multiple Vulnerabilities

Vulnerability ID: HTB22886 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinlotuscms.html Product: LotusCMS Vendor: Arboroia Network http://www.lotuscms.org/ Vulnerable Version: 3.0.3 and probably prior versions Vendor Notification: 01 March 2011 Vulnerability Type: CSRF Cross-Site Request...

Wolf CMS 0.6.0b Cross Site Request Forgery / Cross Site Scripting

==================================== Vulnerability ID: HTB22680 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinwolfcms2.html Product: Wolf CMS Vendor: Wolf CMS team http://www.wolfcms.org/ Vulnerable Version: 0.6.0b and probably prior versions Vendor Notification: 09 November 2010...

XSS vulnerability in Kandidat CMS

Vulnerability ID: HTB22649 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinkandidatcms1.html Product: Kandidat CMS Vendor: Kan-Studio http://www.kan-studio.ru/ Vulnerable Version: 1.4.2 and probably prior versions Vendor Notification: 19 October 2010 Vulnerability Type: XSS Cross Sit...

XSS vulnerability in LiSK CMS

Vulnerability ID: HTB22372 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinproduct.html Product: LiSK CMS Vendor: Createch-group Vulnerable Version: 4.4 Vendor Notification: 05 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted, Awaiting Vendor...

Axigen Mail Server HTML Injection Vulnerability

Axigen Mail Server is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Update Protection against Mozilla Firefox nsDirIndexParser Overflow

The Mozilla Foundation has reported various vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey. If expolited, these vulnerabilities may lead to theft of authentication credentials, disclosure of sensitive information, execution of scripts with elevated privileges and execution of...

Contrexx CMS 1.0.x - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17128/info Contrexx CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser...