Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the FetchTheme function. An authenticated attacker can access internal resources or services by supplying crafted input to the uri argument. Remediation There is no fixed version for...

PT-2025-31976

Name of the Vulnerable Software and Affected Versions XBMC versions prior to the 2012-11-04 nightly release XBMC version 11 Description XBMC version 11, including builds up to the 2012-11-04 nightly release, contains a path traversal vulnerability in its embedded HTTP server. When accessed via HT...

Improper Validation Of Syntactic Correctness Of Input

org.eclipse.jetty:jetty-server is vulnerable to Improper Validation of Syntactic Correctness of Input via the HttpURI class. The vulnerability is due to insufficient validation on the authority segment of a URI. An attacker can manipulate the URI parsing to redirect requests or initiate server-si...

PhpGedView 2.5/2.6 Individual.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11882/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

Goolery 0.3 viewalbum.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11587/info It is reported that Goollery is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These problems presen...

UBBCentral UBB.threads 6.2.3/6.5 online.php Cat Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including...

FreezingCold Broadboard search.asp SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/11250/info Reportedly BroadBoard Message Board is affected by multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI input prior to using it in ...

PhpGedView 2.5/2.6 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11880/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

PhpGedView 2.x Descendancy.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11868/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

VirtuaSystems VirtuaNews 1.0.x Multiple Module Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9812/info It has been reported that the VirtuaNews non-default modules 'Files' and 'Vulns' are prone to multiple cross-site scripting vulnerabilities. These problems surround the application's failure to properly validate...

UBBCentral UBB.threads 6.2.3/6.5 login.php Cat Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including...

Form Sender 1.0 Processform.PHP3 Failed Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14326/info A cross-site scripting vulnerability affects Form Sender. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web pages...

PhpGedView 2.5/2.6 Relationship.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11906/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remo...

Goolery 0.3 viewpic.php conversation_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11587/info It is reported that Goollery is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These problems presen...

dsm light web file browser 2.0 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10381/info DSM Light has been reported to be prone to a directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue would allow an attacker...

PHP Code Snippet Library 0.8 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11038/info PHP Code Snippet Library is reported prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could...

Zwiki 0.10/0.36.2 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11745/info It is reported that Zwiki is susceptible to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamic...

WordPress 1.2 categories.php cat_ID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. Wordpress 1.2 is...

Rhino Software Zaep AntiSpam 2.0 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10139/info It has been reported that Zaep AntiSpam is prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user supplied URI input. This issue could permit ...

PHP-Nuke 6.x/7.x Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12561/info It is reported that PHP-Nuke is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could...