b2evolution 4.0.3 - Persistent Cross-Site Scripting

Source: http://packetstormsecurity.org/files/view/99362/b2evolution403-xss.txt ------------------------------------------------------------------------ Software................b2evolution 4.0.3 Vulnerability...........Persistent Cross-site Scripting Threat Level............Moderate 2/5...

CVE-2008-0398

Cross-site scripting XSS vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form...

Cross site scripting

Cross-site scripting XSS vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form...

Cross site scripting

Cross-site scripting XSS vulnerability in Peter's Random Anti-Spam Image 0.2.4 and earlier plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the comment field in the comment form...

CVE-2007-6677

Cross-site scripting XSS vulnerability in Peter's Random Anti-Spam Image 0.2.4 and earlier plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the comment field in the comment form...

WordPress Peter's Random Anti-Spam Image Plugin <= 0.2.4 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the comment field in the comment form. Solution Update the plugin...

postrev-rfi.txt

Post Revolution Remote File Inclusion Affected Software .: Post Revolution 6.6 / 7.0 Release Candidate 2 Download..: http://www.fabio.com.ar/postrev/ Risk ..............: high Date .........: 25/3/2007 Found by ..........: InyeXion Contact ...........: InyeXionatgmail.com Web .............:...