A Cross Site Scripting vulnerability was found in Petrol Pump Management Software v1.0. By injecting a malicious payload into the 'Address' parameter in the add_invoices.php component, an attacker can execute arbitrary code. This vulnerability could be exploited to perform various malicious actions.
A Cross Site Scripting vulnerability was found in Petrol Pump Management Software v1.0. By injecting a malicious payload into the 'Address' parameter in the add_invoices.php component, an attacker can execute arbitrary code. This vulnerability could be exploited to perform various malicious actions.
The Joomla component com_djartgallery has multiple vulnerabilities including Cross Site Scripting (XSS) and Blind SQL Injection. The XSS vulnerability can be exploited by injecting code into the 'id' parameter in the editimage function. The Blind SQL Injection vulnerability can be exploited by injecting code into the 'cid' parameter in the editItem function. Both vulnerabilities allow an attacker to execute arbitrary code or extract information from the database.
The vulnerabilities in EarlyImpact ProductCart allow for SQL injection, cross-site scripting, and cryptographic weaknesses. These issues could lead to the exposure of sensitive data, execution of hostile script code, and HTML. The exploitation of these vulnerabilities could result in a full compromise of the software.
The vulnerabilities allow attackers to perform cross-site scripting attacks, inject HTML code, and hijack user accounts using specially crafted cookies. An attacker can exploit these vulnerabilities by sending malicious requests to the affected PHPX server.
An attacker can launch a cross-site scripting attack by exploiting a problem in the handling of certain types of input to DansGuardian. This can be done by injecting malicious code into the DENIEDURL parameter of the dansguardian.pl script.
Several cross site scripting vulnerabilities have been reported for eZ Publish. These vulnerabilities are due to insufficient sanitization of user-supplied data submitted to eZ Publish. Exploitation may allow theft of cookie-based authentication credentials or other attacks.
The Betsie (BBC Education Text to Speech Internet Enhancer) application is prone to a cross-site scripting vulnerability. This vulnerability exists in the 'parserl.pl' script. Attackers can exploit this vulnerability by providing a malicious link to a website that is running the vulnerable software. If a user visits the malicious link, it can cause arbitrary script code to be executed in their web browser.
The SAP Web Application Server is prone to multiple cross-site scripting vulnerabilities. These issues occur due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user within the affected site's context. This can lead to the theft of cookie-based authentication credentials and other attacks.
XMB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. A successful exploit could allow an attacker to steal cookie-based authentication credentials and launch other attacks.
Services By CQR