CVE-2016-4880

Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

baserCMS plugin Blog vulnerable to cross-site request forgery

Overview baserCMS provided by baserCMS User Group is an opensource content management system. baserCMS and bundled plugin Blog contain a cross-site request forgery vulnerability. Masamu Asato of National Institute of Technology, Okinawa College reported this vulnerability to IPA. JPCERT/CC...

baserCMS plugin Blog vulnerable to cross-site request forgery

Overview baserCMS provided by baserCMS User Group is an opensource content management system. baserCMS and bundled plugin Blog contain a cross-site request forgery vulnerability. Isao Takaesu of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with t...

baserCMS plugin Blog vulnerable to cross-site scripting

Overview baserCMS provided by baserCMS User Group is an opensource content management system. baserCMS and bundled plugin Blog contain a stored cross-site scripting vulnerability. Isao Takaesu of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with...

WordPress Encrypted Blog Plugin <= 0.0.6.2 - Reflected Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability via encryptblogform.php redirectto parameter. Solution Update the plugin...

WordPress Recipes Blog Plugin 'id' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27856/info The WordPress Recipes Blog plugin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

Vbulletin &#40;blog_plugin_useradmin&#41; v4.1.12 Sql Injection Vulnerability

a bug in Vbulletin blogpluginuseradmin v4.1.12 that allows to us to occur a Sql Injection on a Remote machin. Exploit Title : Vbulletin blogpluginuseradmin v4.1.12 Sql Injection Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link :...

CVE-2010-4734

Multiple cross-site scripting XSS vulnerabilities in the comment feature in Skeletonz CMS 1.0, when the Blog plugin is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 Name, 2 Website, and 3 Email parameters. NOTE: some of these details are obtained from third part...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the comment feature in Skeletonz CMS 1.0, when the Blog plugin is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 Name, 2 Website, and 3 Email parameters. NOTE: some of these details are obtained from third part...

CVE-2010-4734

CVE-2010-4734 : Concrete details across multiple sources show multiple XSS vulnerabilities in the comment feature of Skeletonz CMS 1.0 when the Blog plugin is enabled. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the Name, Website, and Email parameters. Th...

SocialEngine Blog Plugin category_id Parameter SQL Injection

The remote host is running SocialEngine, a PHP-based social network platform. The version of the Blog plugin for SocialEngine installed on the remote host fails to sanitize input to the 'categoryid' parameter of the 'blog.php' script before using it to construct database queries. Regardless of...