89 matches found
CVE-2013-7474
Windu CMS 2.2 is affected by a Cross-Site Scripting (XSS) vulnerability. The flaw allows injection via the name parameter in admin/content/edit or admin/content/add, or via the username parameter in admin/users. The NVD records show a CVSS base score of 4.3 (CS: Partial integrity impact, Network ...
Windu CMS 2.2 - Multiple Vulnerabilities
No description provided by source. !-- Windu CMS 2.2 CSRF Add Admin Exploit Vendor: Adam Czajkowski Product web page: http://www.windu.org Affected version: 2.2 rev 1430 Summary: Windu CMS is a simple, lightweight and fun-to-use website content management software. Desc: Windu CMS suffers from a...
Windu CMS 2.2 - Multiple Vulnerabilities
Windu CMS 2.2 - Multiple Vulnerabilities Windu CMS 2.2 CSRF Add Admin Exploit input t...
Windu CMS 2.2 - Multiple Vulnerabilities
Windu CMS 2.2 CSRF Add Admin Exploit input type="hidden" name="type" value="...
Windu CMS 2.2 Cross Site Request Forgery Vulnerability
Windu CMS version 2.2 suffers from a cross site request forgery vulnerability. Windu CMS 2.2 CSRF Add Admin Exploit form method="POST" action="http://localhost/winducms/a...
Windu CMS 2.2 Cross Site Request Forgery
Windu CMS 2.2 CSRF Add Admin Exploit input type="hidden" name="em...
Windu CMS 2.2 Cross Site Scripting
Windu CMS 2.2 Multiple Persistent Cross-Site Scripting Vulnerabilities alert1;' / alert2;' / input ty...
Windu CMS 2.2 CSRF Add Admin Exploit
Summary Windu CMS is a simple, lightweight and fun-to-use website content management software. Description Windu CMS suffers from a cross-site request forgery vulnerabilities. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verif...
Windu CMS 2.2 Multiple Persistent Cross-Site Scripting Vulnerabilities
Summary Windu CMS is a simple, lightweight and fun-to-use website content management software. Description Multiple stored XSS vulnerabilities exist when parsing user input to the 'name' and 'username' POST parameters. Attackers can exploit these weaknesses to execute arbitrary HTML and script co...