968 matches found
IPortalX Forums Cross-Site Scripting Vulnerability
HSC IPortalX Forums Cross-Site Scripting Vulnerability IPortalX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
dokeos-xss.txt
HSC Dokeos Multiple Cross-Site Scripting Vulnerabilities Dokeos is a learning management systemused to manage e-learning. It's prone to cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the conte...
wconnect-xss.txt
HSC WCONNECT WC.DLL Cross-Site Scripting Vulnerability West Wind Web Connection is a tool for building Web applications using the Visual FoxPro environment but is also Vulnerable to Cross-Site scripting attacks. Admins need to password protect the application since its installed with out password...
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting XSS style attacks using web client components that can send arbitrary...
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting XSS style attacks using web client components that can send arbitrary...
gwextranet-multi.txt
HSC GWExtranet Script Injections & Privilege Escalation Vulnerability Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...
mps-insertion.txt
HSCMySpace Scripts - Poll Creator JavaScript Injection Vulnerability Our MySpace Poll Creator script is the ultimate addition to your MySpace resource site. The script enables your user to quickly and easily create a poll that they can post to profile or bulletin to all their friends. Everyone...
GWExtranet Script Injections & Privilege Escalation Vulnerability
HSC GWExtranet Script Injections & Privilege Escalation Vulnerability Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...
CVE-2007-5808
Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client -...
smartshop-xss.txt
HSC Smart-Shop Shopping Cart Cross-Site Scripting Vulrnability SMART-SHOP shopping cart software is a all-in-one hosted e-commerce solution that creates and helps you maintain your online store fast, easy, and cost-effective. Many people using this software must be warned that there are holes in...
DNewsWeb Softwares Cross Site Scripting Vulrnability
HSC DNewsWeb Softwares Cross Site Scripting Vulrnability The DNews News Server is advanced news server software that makes it easy for you to provide users with fast access to Internet Usenet news groups. Installing your own l ocal news server software also gives you complete control to create yo...
dnewsweb-xss.txt
HSC DNewsWeb Softwares Cross Site Scripting Vulrnability The DNews News Server is advanced news server software that makes it easy for you to provide users with fast access to Internet Usenet news groups. Installing your own l ocal news server software also gives you complete control to create yo...
eGov Content Manager Cross Site Scripting Vulrnability
HSC eGov Content Manager Cross Site Scripting Vulrnability The eGov Manager was designed to simplify the efforts of government staffers who are responsible for posting public documents, news updates, events, managing staff directories and online services. This issue is due to a failure in the...
Boinc Forum Cross Site Scripting Vulrnability
HSC Boinc Forum Cross Site Scripting Vulrnability This issue is due to a failure in the application to properly sanitize user-supplied input. Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...
boinc-xss.txt
HSC Boinc Forum Cross Site Scripting Vulrnability This issue is due to a failure in the application to properly sanitize user-supplied input. Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...
InterWorx-CP Multiple HTML Injections Vulnerabilitie
HSC InterWorx-CP Multiple HTMl Injection Vulnerabilities The InterWorx Hosting Control Panel InterWorx-CP is a dedicated server control panel. InterWorx suffers from multiple HTMl injection vulnerabilities. JavaScript and Cross site scripting are just few found vulns, more sophisticated attacks...
phpsysinfo-xss.txt
HSC PHPSysInfo Index.php Cross Site Scripting PhpSysInfo is a PHP script that displays information about the host being accessed. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the...
csc-sqlxss.txt
--- Comersus Shop Cart 7.07 SQL Injection & XSS Comersus is an active server pages asp software for running shopping stores, integrated with the rest of your web site. Comersus ASP Cart is free and IT CAN BE used for commercial purposes. An attacker may leverage this issue to have arbitrary scrip...
cactushop-mdb.txt
Cactushop V6 allows remote users to download the database which contains creditcard numbers and critical information. The affected carts default installation gives away the path to database file. As a result, an attacker exploiting this vulnerability will be able to obtain detailed private custom...
Aardvark Topsites PHP Directory Disclosure Vulnerability
Aardvark Topsites PHP Directory Disclosure Vulnerability Aardvark Topsites PHP is the premier free PHP/MySQL topsites script. An attacker can see what files are in the Directory. Knowing what is there to be executed can allow for more targeted and intelligent attacks against PHP Files known to be...