16 matches found
XVIDEOS: Script breaking tag (Forces website to render blank) (Informative)
Summary: This is a bug affecting core HTML and JS elements on the site via Search Steps To Reproduce: 1. Open https://www.xvideos.com 2. Click to search enter payload= "" without quotes 3. Hit enter or search, watch the page break and not load any content content is loaded in console, renders pag...
SaralBlog 1.0 - Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16306/info saralblog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...
phpldapadmin 0.9.8 copy_form.php dn Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute...
OpenFAQ 0.4 Validate.PHP HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17860/info OpenFAQ is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script cod...
MyBB 1.4.5 - Multiple Vulnerabilities
MyBB 1.4.5 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/34798/info MyBB is prone to multiple security vulnerabilities, including an HTML-injection issue and an unspecified issue. An attacker may leverage the HTML-injection issue to execute arbitrary script code in the...
CuteNews 1.4.5 - show_news.php Cross-Site Scripting
CuteNews 1.4.5 - shownews.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An...
TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities
TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/18230/info TAL RateMyPic is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can...
Chucky A. Ivey N.T. 1.1 - 'index.php' Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/17387/info N.T. is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
sBlog 0.7.2 - search.php?keyword POST Method Cross-Site Scripting
sBlog 0.7.2 - search.php?keyword POST Method Cross-Site Scripting source: https://www.securityfocus.com/bid/17044/info sBlog is prone to HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-suppli...
Bitweaver 1.11.2 - Title HTML Injection
Bitweaver 1.11.2 - Title HTML Injection source: https://www.securityfocus.com/bid/16973/info The bitweaver application is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HT...
Easy Forum 2.5 - New User Image File HTML Injection
source: https://www.securityfocus.com/bid/16958/info Easy Forum is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
Clever Copy 2.03.0 - Multiple HTML Injection Vulnerabilities
Clever Copy 2.03.0 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/16607/info Clever Copy is prone to multiple HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content...
Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/16607/info Clever Copy is prone to multiple HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
AZ Bulletin Board 1.0.x1.1 - post.php HTML Injection
AZ Bulletin Board 1.0.x1.1 - post.php HTML Injection source: https://www.securityfocus.com/bid/16351/info AZbb is prone to HTML-injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-suppli...
AZ Bulletin Board 1.0.x/1.1 - 'post.php' HTML Injection
source: https://www.securityfocus.com/bid/16351/info AZbb is prone to HTML-injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
Zomplog 3.33.4 - detail.php HTML Injection
Zomplog 3.33.4 - detail.php HTML Injection source: https://www.securityfocus.com/bid/15168/info Zomplog is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...