40 matches found
Default credentials
In Apollo change requests, comments added by users could contain a javascript URI link that when rendered will result in an XSS that require user interaction...
PT-2023-23087 · Apollo · Apollo
Name of the Vulnerable Software and Affected Versions: Apollo affected versions not specified Description: The issue allows comments added by users in Apollo change requests to contain a javascript URI link. When rendered, this link can result in a cross-site scripting XSS attack that requires us...
Adam Webb NukeJokes 1.7/2.0 Module modules.php jokeid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/10306/info It has been reported that the NukeJokes module is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input...
PHPX 3.x admin/news.php CSRF Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative command...
OpenBB 1.0.x board.php FID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may...
IBM Lotus Domino 6.x Cross-Site Scripting and HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11458/info It is reported that Lotus Domino is susceptible to a cross-site scripting and an HTML injection vulnerability. These issues are due to a failure of the application to properly sanitize user-supplied input. The...
OpenBB 1.0.x post.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may...
PHP-Nuke 6.x/7.x Your_Account Module Avatarcategory Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13010/info It is reported that the PHP-Nuke 'YourAccount' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This...
Cherokee 0.1.x/0.2.x/0.4.x Error Page Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9496/info Cherokee has been reported to contain a cross-site scripting vulnerability via error pages. An attacker can exploit this issue by crafting a URI link containing the malevolent HTML or script code, and enticing a...
Mantis 0.x Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10994/info Mantis is a web-based bug tracking system. It is written in PHP and supported by a MySQL database. It is reported that Mantis is affected by cross-site scripting vulnerabilities. These issues are due to a failu...
Mark Zuckerberg Thefacebook Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11676/info It is reported that Thefacebook is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could...
WordPress 1.2.1/1.2.2 moderation.php item_approved Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site...
OSCommerce 2.2 Contact_us.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12568/info A vulnerability is reported to exist in osCommerce that may allow a remote user to launch cross-site scripting attacks. This issue could permit a remote attacker to create a malicious URI link that includes...
OpenBB 1.0.x search.php q Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may...
Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13897/info Cerberus Helpdesk is affected by various cross-site scripting vulnerabilities. These issues could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile...
PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12561/info It is reported that PHP-Nuke is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could permit a remote attacker to create a...
osCommerce 2.2 - 'Contact_us.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/12568/info A vulnerability is reported to exist in osCommerce that may allow a remote user to launch cross-site scripting attacks. This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this...
WorkBoard 1.2 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12009/info It is reported that WorkBoard is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could permit a remote attacker to create ...
WorkBoard 1.2 - Multiple Cross-Site Scripting Vulnerabilities
WorkBoard 1.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12009/info It is reported that WorkBoard is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI...
UseModWiki 1.0 - Wiki.pl Cross-Site Scripting
UseModWiki 1.0 - Wiki.pl Cross-Site Scripting source: https://www.securityfocus.com/bid/11924/info It is reported that UseModWiki is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input before outputting i...