Lucene search
K

146 matches found

NVD
NVD
added 2006/01/25 2:3 a.m.16 views

CVE-2006-0409

Cross-site scripting XSS vulnerability in index.php in Pixelpost Photoblog 1.4.3 allows remote attackers to inject arbitrary web script or HTML via the "Add Comment" field in a comment popup...

4.3CVSS5.7AI score0.0193EPSS
Exploits1References7
Prion
Prion
added 2006/01/25 2:3 a.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Pixelpost Photoblog 1.4.3 allows remote attackers to inject arbitrary web script or HTML via the "Add Comment" field in a comment popup...

4.3CVSS6.1AI score0.0193EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/01/25 2:0 a.m.22 views

CVE-2006-0409

Cross-site scripting XSS vulnerability in index.php in Pixelpost Photoblog 1.4.3 allows remote attackers to inject arbitrary web script or HTML via the "Add Comment" field in a comment popup...

5.7AI score0.0193EPSS
Exploits1References7
CVE
CVE
added 2006/01/25 2:0 a.m.41 views

CVE-2006-0409

CVE-2006-0409 describes a cross-site scripting (XSS) vulnerability in the Pixelpost Photoblog 1.4.3 implementation of index.php, exploitable via the "Add Comment" field in a comment popup. The affected component is the comment handling code in Pixelpost’s index.php, with the underlying cause bein...

4.3CVSS5.7AI score0.0193EPSS
Exploits1References7Affected Software1
exploitpack
exploitpack
added 2006/01/24 12:0 a.m.132 views

PixelPost 1.4.3 - User Comment HTML Injection

PixelPost 1.4.3 - User Comment HTML Injection source: https://www.securityfocus.com/bid/16362/info Pixelpost is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2006/01/24 12:0 a.m.35 views

PixelPost 1.4.3 - User Comment HTML Injection

source: https://www.securityfocus.com/bid/16362/info Pixelpost is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...

7.4AI score
Exploits0
Rows per page
Query Builder