7 matches found
CVE-2012-3232
Cross-site scripting XSS vulnerability in search.php in web@all 2.0, as downloaded before May 30, 2012, allows remote attackers to inject arbitrary web script or HTML via the texttitle parameter...
CVE-2012-3232
Cross-site scripting XSS vulnerability in search.php in web@all 2.0, as downloaded before May 30, 2012, allows remote attackers to inject arbitrary web script or HTML via the texttitle parameter...
CVE-2012-3232
The CVE-2012-3232 entry relates to web@all 2.0. Affected component: search.php; vulnerability types: CSRF (CVE-2012-3231) and XSS (CVE-2012-3232). Root cause: input passed via the GET parameter _text[title] is not properly sanitized, allowing an attacker to inject arbitrary HTML/script in the use...
Multiple vulnerabilities in web@all
Advisory ID: HTB23094 Product: web@all Vendor: webatall.org Vulnerable Versions: 2.0 downloaded before 30th of May 2012; prior versions may also be vulnerable Tested Version: 2.0 downloaded on 25th of May 2012 Vendor Notification: 30 May 2012 Vendor Patch: 30 May 2012 Public Disclosure: 20 June...
[email protected] 2.0 Cross Site Request Forgery / Cross Site Scripting
Exploit for php platform in category web applications Product: email protected Vendor: webatall.org Vulnerable Versions: 2.0 downloaded before 30th of May 2012; prior versions may also be vulnerable Tested Version: 2.0 downloaded on 25th of May 2012 Vendor Notification: 30 May 2012 Vendor Patch: ...
Web@All 2.0 Cross Site Request Forgery / Cross Site Scripting
Advisory ID: HTB23094 Product: web@all Vendor: webatall.org Vulnerable Versions: 2.0 downloaded before 30th of May 2012; prior versions may also be vulnerable Tested Version: 2.0 downloaded on 25th of May 2012 Vendor Notification: 30 May 2012 Vendor Patch: 30 May 2012 Public Disclosure: 20 June...
CVE-2012-3232
creationtimestamp| type| source ---|---|--- 2012-06-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37435...