| Released | Name |
| January 19, 2010 | searchingred.results.EasySiteNetworkJokes.XSS |
| A cross site scripting vulnerability exists in the EasySiteNetworkJokes web application due to insufficient user input sanitation of the 'id' parameter to the joke.php page. An attacker could exploit this to execute arbitrary HTML and script code in the user's session. |
| January 19, 2010 | id.joke.EasySiteNetworkJokes.XSS.C |
| A cross site scripting vulnerability exists in the EasySiteNetworkJokes web application due to insufficient user input sanitation of the 'id' parameter to the joke.php page. An attacker could exploit this to execute arbitrary HTML and script code in the user's session. |
| January 19, 2010 | id.joke.EasySiteNetworkJokes.XSS.B |
| A cross site scripting vulnerability exists in the EasySiteNetworkJokes web application due to insufficient user input sanitation of the 'id' parameter to the joke.php page. An attacker could exploit this to execute arbitrary HTML and script code in the user's session. |
| January 19, 2010 | id.joke.EasySiteNetworkJokes.XSS.A |
| A cross site scripting vulnerability exists in the EasySiteNetworkJokes web application due to insufficient user input sanitation of the 'id' parameter to the joke.php page. An attacker could exploit this to execute arbitrary HTML and script code in the user's session. |
| January 19, 2010 | surgeftpmgr.SurgeFTP.XSS.D |
| A cross site scripting vulnerability exists in the SurgeFTP web application due to insufficient user input sanitation to the surgeftpmgr.cgi page. An attacker could exploit this to execute arbitrary HTML and script code in the user's session. |
| January 19, 2010 | surgeftpmgr.SurgeFTP.XSS.C |
| A cross site scripting vulnerability exists in the SurgeFTP web application due to insufficient user input sanitation to the surgeftpmgr.cgi page. An attacker could exploit this to execute arbitrary HTML and script code in the user's session. |
| January 19, 2010 | surgeftpmgr.SurgeFTP.XSS.B |
| A cross site scripting vulnerability exists in the SurgeFTP web application due to insufficient user input sanitation to the surgeftpmgr.cgi page. An attacker could exploit this to execute arbitrary HTML and script code in the user's session. |
| January 19, 2010 | surgeftpmgr.SurgeFTP.XSS.A |
| A cross site scripting vulnerability exists in the SurgeFTP web application due to insufficient user input sanitation to the surgeftpmgr.cgi page. An attacker could exploit this to execute arbitrary HTML and script code in the user's session. |
| January 19, 2010 | methodSave.manage_editUserSettings.Generic.Zenoss.CSRF |
| A cross site request forgery vulnerability exists in the Zenoss web application due to insufficient user input sanitation. An attacker could exploit this to make unauthorized modifications to the service, in the context of a victim's privileges. This signature searches for a user-settings Save request in the URL. |
| January 19, 2010 | tags.SemanticScuttle.XSS.C |
| A cross site scripting vulnerability exists in the SemanticScuttle web application due to insufficient user input sanitation to the tags.php page. An attacker could exploit this to execute arbitrary HTML and script code in the user's session. |
| January 19, 2010 | tags.SemanticScuttle.XSS.B |
| A cross site scripting vulnerability exists in the SemanticScuttle web application due to insufficient user input sanitation to the tags.php page. An attacker could exploit this to execute arbitrary HTML and script code in the user's session. |