CVE-2012-1001

Chyrp contains multiple XSS flaws identified as CVE-2012-1001. The vulnerabilities occur in Chyrp before 2.1.2 and before 2.5 Beta 2, enabling remote attackers to inject arbitrary scripts via the content parameter to includes/ajax.php or the body parameter to includes/error.php. The root cause is...

Multiple XSS in Chyrp

Advisory ID: HTB23073 Product: Chyrp Vendor: Chyrp Vulnerable Versions: 2.5b1 and probably prior Tested Version: 2.5b1 Vendor Notification: 1 February 2012 Vendor Patch: 2 February 2012 Public Disclosure: 22 February 2012 Vulnerability Type: Cross Site Scripting XSS CVE References: CVE-2012-1001...

Chyrp 2.5b1 Cross Site Scripting

Advisory ID: HTB23073 Product: Chyrp Vendor: Chyrp Vulnerable Versions: 2.5b1 and probably prior Tested Version: 2.5b1 Vendor Notification: 1 February 2012 Vendor Patch: 2 February 2012 Public Disclosure: 22 February 2012 Vulnerability Type: Cross Site Scripting XSS CVE References: CVE-2012-1001...

CVE-2012-1001

creationtimestamp| type| source ---|---|--- 2012-02-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36874 2012-02-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36875 2024-02-26 08:11:26+00:00| seen| https://t.me/ctinow/193140...

Multiple XSS in Chyrp

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Chyrp, which can be exploited to perform Cross Site Scripting attacks. 1 Cross Site Scripting XSS in Chyrp: CVE-2012-1001 1.1 Input passed via the "content" POST parameter to /includes/ajax.php is not properly...