cross site scripting xss

Release date:Last Updated:Hazard level: High RiskVulnerability Type: XSSThreat Type: Remote Vulnerability description: HP Palm WebOS is a new-generation operating system that provides unprecedented scalability through network clients. Cross-site scripting vulnerability exists in the Calendar application of version 3.0.2 and later versions of HP Palm webOS. Rem

Release date: 2011-11-03Updated on: 2011-11-04 Affected Systems:RhinoSoft Serv-U WebClient 9.1. 0RhinoSoft Serv-U Web Client 9.0.0.5RhinoSoft Serv-U Web Client 11.0.0.3Unaffected system:RhinoSoft Serv-U Web Client 11.0.0.4Description:--------------------------------------------------------------------------------Bugtraq id: 50503 Serv-U contains a simple browser-based transmission client. The Serv-U Web Client has a cross-

Release date:Updated on: Affected Systems:Fortinet FortiGate 5000Fortinet FortiGate 3950Fortinet FortiGate 3810ADescription:--------------------------------------------------------------------------------Bugtraq id: 55591 Fortinet FortiGate is a popular hardware firewall. The Fortinet FortiGate device has multiple cross-site scripting vulnerabilities. Attacker

MyWebSQL 'index. php' Cross-Site Scripting Vulnerability Released on: 2014-09-03Updated on: 2014-09-04 Affected Systems:MyWebSQL 3.4Description:--------------------------------------------------------------------------------Bugtraq id: 69553CVE (CAN) ID: CVE-2014-4735 MyWebSQL is a web-based MySQL database management tool. MyWebSQL 3.4 and other versions are not

Affected Versions: e107.org e107 website system 0.7.16Vulnerability Description: bugtraq id: 36517 E107 is a content management system written in php. The page (http: // site/email. php? News.1) does not properly filter the Referer header. Remote attackers can execute cross-site scripting attacks by submitting malici

Release date:Updated on: Affected Systems:Microsoft SharePoint Foundation 2010 SP1Microsoft SharePoint Foundation 2010Microsoft infopath2010Microsoft InfoPath 2007 SP2Microsoft infopath2007Description:--------------------------------------------------------------------------------Bugtraq id: 54316Cve id: CVE-2012-1863 SharePoint Server is a Server function integration suite that provides comprehensive Content Management and Enterprise Search, accelerating shared business processes and simplifyin

Affected Versions:Mozilla Firefox 3.6.Mozilla Firefox 3.5.xMozilla Firefox 3.0.xMozilla Thunderbird 3.0Mozilla SeaMonkey 2.0Vulnerability description: Firefox is a popular open-source WEB browser. Firefox's addEventListener and setTimeout implementations have security vulnerabilities. You can use encapsulated objects to bypass the fix provided by MFSA 3.6-19 to execute cross-site

Release date:Updated on: Affected Systems:Pearsonschoolsystems eSISDescription:--------------------------------------------------------------------------------Bugtraq id: 66562CVE (CAN) ID: CVE-2014-1942Pearson eSIS is an enterprise-level student information system.Pearson eSIS has a cross-site scripting vulnerability. Attackers can exploit this vulnerability to

Release date:Updated on: Affected Systems:Siemens SIMATIC S7-1200 3.xSiemens SIMATIC S7-1200 2.xDescription:--------------------------------------------------------------------------------CVE (CAN) ID: CVE-2014-2908The SIMATIC S7-1200 is a programmable controller that enables simple but highly precise automation tasks.The Siemens SIMATIC S7-1200's integrated Web server (TCP ports 80 and 443) has a security vulnerability that allows remote attackers to execute

Released on: 2013-01-01Updated on: Affected Systems:PHP imdb Classes 2-2.1.5Description:--------------------------------------------------------------------------------Bugtraq id: 64542 PHP is an embedded HTML language. PHP imdb 2-2.1.5 and other versions have multiple cross-site scripting vulnerabilities. Attackers can exploit these vulnerabilities to execute

Release date: 2013-07-04Updated on: Affected Systems:PhpMyAdmin Description:--------------------------------------------------------------------------------CVE (CAN) ID: CVE-2013-3742 Phpmyadmin is an online management tool for MySQL databases. Its main functions include creating data tables online, running SQL statements, searching and querying data, and importing and exporting data. PhpMyAdmin 4. view_create.php earlier than Version x has a cross

Release date:Updated on: Affected Systems:Advantech WebAccess HMI/SCADADescription:--------------------------------------------------------------------------------Bugtraq id: 57227WebAccess HMI/SCADA software provides remote control and management, allowing you to easily view and configure automation devices in the facility management system, power station and building automation system.Advantech WebAccess HMI/SCADA has an unknown cross-

Release date:Updated on: Affected Systems:StatusNet 0.9.8StatusNet 0.8Unaffected system:StatusNet 0.9.9Description:--------------------------------------------------------------------------------Bugtraq id: 49113 StatusNet, formerly Laconica, is an open-source microblog platform software developed using PHP. StatusNet has a cross-site scripting vulnerability i

Release date:Updated on: Affected Systems:Symantec IM Manager 8.xUnaffected system:Symantec IM Manager 8.4.18Description:--------------------------------------------------------------------------------Bugtraq id: 49739Cve id: CVE-2011-0552 Symantec IM Manager provides certification support for public and enterprise IM networks and seamlessly manages enterprise instant messaging, it also implements security assurance, logging and archiving-including fine-grained policy enforcement and security co

Release date: 2012-04-23Updated on: 2012-04-23 Affected Systems:Sohuu OA (Office Automation) 2011Description:--------------------------------------------------------------------------------Office Automation is a commercial Office system developed based on PHP and MySQL. The OA Office System has multiple cross-site scripting vulnerabilities, including: Web forms

Release date:Updated on: Affected Systems:Hitachi IT Operations DirectorDescription:--------------------------------------------------------------------------------Hitachi IT Operations Director is a system management software that automates client IT infrastructure lifecycle tasks. Hitachi IT Operations Director 02-50-01 to 02-50-07 and 03-03-03-00-07 have Implementation Vulnerabilities, which can be exploited by malicious users to execute cross-

Release date:Updated on: Affected Systems:Horde IMP Horde Groupware Webmail Edition Unaffected system:Horde IMP 5.0.21Horde Groupware Webmail Edition 4.0.8Description:--------------------------------------------------------------------------------Bugtraq id: 53435 IMP is an internet messaging program written in PHP. It provides webpage email access and rich Web message transmission for IMAP and POP3 accounts. The Horde IMP Webmail client earlier than IMP 5.0.21 has multiple

Release date: 2011-12-13Updated on: 2011-12-14 Affected Systems:Adobe ColdFusion 9.0.1Adobe ColdFusion 9.0Adobe ColdFusion 8.0.1Adobe ColdFusion 8.0Description:--------------------------------------------------------------------------------Bugtraq id: 51043Cve id: CVE-2011-4368 Adobe ColdFusion is a dynamic Web server. Adobe ColdFusion has a cross-site scripting