36 matches found
PT-2023-13663 · Unknown · Bluepage Cms
Name of the Vulnerable Software and Affected Versions: BluePage CMS versions 3.9 and earlier Description: The issue allows MySQL Injection in the users-cookie-settings token using a Time-based blind SLEEP payload due to insufficient sanitization of the HTTP Header Cookie value. Recommendations: F...
BLUEPAGE CMS 2.5 'PHPSESSID' Session Fixation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31315/info BLUEPAGE CMS is prone to a session-fixation vulnerability. Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application. BLUEPAGE CMS 2.5 is vulnerable;...
CVE-2008-6027
Multiple cross-site scripting XSS vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 whl, 2 var1, and 3 search parameters...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 whl, 2 var1, and 3 search parameters...
Session fixation
Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...
CVE-2008-6027
Multiple cross-site scripting XSS vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 whl, 2 var1, and 3 search parameters...
CVE-2008-6039
Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...
CVE-2008-6039
Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...
CVE-2008-6027
CVE-2008-6027 concerns multiple XSS vulnerabilities in index.php of BLUEPAGE CMS (version 2.5 and earlier). The weaknesses enable remote attackers to inject arbitrary web script or HTML via the whl, var_1, and search parameters, as described in the NVD entry. Connected records consistently refere...
CVE-2008-6027
Multiple cross-site scripting XSS vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 whl, 2 var1, and 3 search parameters...
CVE-2008-6039
The CVE-2008-6039 entry documents a session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier . An attacker can hijack a user’s web session by manipulating the PHPSESSID parameter, enabling remote session takeover. This is described across multiple sources (NVD, CVE listing) with a MEDIUM ba...
CVE-2008-6039
Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...
[MajorSecurity Advisory #53]BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues
MajorSecurity Advisory 53BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues Details ======= Product: BLUEPAGE CMS Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.bluepage-cms.com/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered b...
BLUEPAGE CMS 2.5 - PHPSESSID Session Fixation
BLUEPAGE CMS 2.5 - PHPSESSID Session Fixation source: https://www.securityfocus.com/bid/31315/info BLUEPAGE CMS is prone to a session-fixation vulnerability. Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application. BLUEPAGE CMS 2.5 is...
major_rls53.txt
MajorSecurity Advisory 53BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues Details ======= Product: BLUEPAGE CMS Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.bluepage-cms.com/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered b...
BLUEPAGE CMS 2.5 - 'PHPSESSID' Session Fixation
source: https://www.securityfocus.com/bid/31315/info BLUEPAGE CMS is prone to a session-fixation vulnerability. Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application. BLUEPAGE CMS 2.5 is vulnerable; other versions may also be affected...