5207 matches found
CVE-2013-0566
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Accelerator JSPs, (2) Organization Administration Console JSPs, and (3) Administration Console JSPs in WebSphere Commerce Tools in IBM WebSphere Commerce 5.6.1.0 through 5.6.1.5, 6.0.0.0 through 6.0.0.11, and 7.0.0.0 through 7.0.0.7 allow...
CVE-2013-4995
Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SQL query that is not properly handled during the display of row information...
Console: XSS in invoke operation
It was found that the parameters passed to operation invocations on the JMX console were not properly sanitized. Remote attackers could use this flaw to inject arbitrary web script or HTML into the JMX console...
GLSA-201211-01 : MantisBT: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201211-01 (MantisBT: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in MantisBT. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could exploit these vulnerabilities...
Ad Manager Pro Multiple SQL Injection And XSS Vulnerabilities
Ad Manager Pro is prone to multiple SQL injection and cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
Ad Manager Pro - Multiple Vulnerabilities
Ad Manager Pro Bug discovered by Yakir Wizman; Date 24/08/2012; Vendor Homepage - http://www.phpwebscripts.com/ad-manager-pro/; Demo - http://www.scripts-demo.com/admanagerpro/; ISRAEL...
PHP Web Scripts Text Exchange Pro - 'page' Local File Inclusion
source: https://www.securityfocus.com/bid/55205/info PHP Web Scripts Text Exchange Pro is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of...
PHP Web Scripts Text Exchange Pro - page Local File Inclusion
source: https://www.securityfocus.com/bid/55205/info PHP Web Scripts Text Exchange Pro is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this...
PHP Web Scripts Ad Manager Pro - page Local File Inclusion
source: https://www.securityfocus.com/bid/55189/info PHP Web Scripts Ad Manager Pro is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability t...
PHP Web Scripts Ad Manager Pro - 'page' Local File Inclusion
source: https://www.securityfocus.com/bid/55189/info PHP Web Scripts Ad Manager Pro is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of th...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
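Microsoft SharePoint Cross-Site Scripting Vulnerability (CVE-2012-1863)
Bugtraq ID: 54316 CVE ID: CVE-2012-1863 Microsoft SharePoint Server is an integrated suite of server capabilities that provides comprehensive content management and enterprise search, accelerates shared business processes, and facilitates information sharing across boundaries. Microsoft SharePoint Server contains a cross-site scripting vulnerability that allows an attacker to inject arbitrary web script or HTML via specially crafted JavaScript elements in a URL; an attacker can exploit the vulnerability to obtain sensitive information or hijack user sessions. 0 Microsoft SharePoint Foundation 2010 SP1 Microsoft SharePoint Foundation 2010...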
Creative Works - SQL Injection Vulnerability
Exploit for php platform in category web applications; Exploit Title: Creative Works Multiple sql web scripts; Google Dork: Powered by: Creative Works; Software Link: www.creativeworks.com.ec; Version: 2012; Tested on: linux and windows any os; credits: Security Warriors Team SWT...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to (1) libraries/tbllinks.inc.php and...
PHP Inventory < 1.3.2 SQLi Vulnerability
PHP Inventory is prone to an SQL injection (SQLi) vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in iTop (aka IT Operations Portal) 1.1.181 and 1.2.0-RC-282 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted company name, (2) a crafted database server name, (3) a crafted CSV file, (4) a crafted copy-and-paste action, (5) the...
CVE-2010-4843
SQL injection vulnerability in website-page.php in PHP Web Scripts Ad Manager Pro 3.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter...
CVE-2010-4843
CVE-2010-4843 targets PHP Web Scripts Ad Manager Pro 3.0, with a SQL injection in website-page.php exploitable via the pageId parameter. The vulnerability permits remote attackers to execute arbitrary SQL commands, with impact on confidentiality, integrity, and availability (C:P/I:P/A:P); CVSS v2...
CVE-2010-4843
SQL injection vulnerability in website-page.php in PHP Web Scripts Ad Manager Pro 3.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter...
DSA-2260-1 rails - several
Bulletin has no description...