159 matches found
PT-2020-12068 · Chadha · Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited in admin/add-template.php by adding a question mark ?...
PT-2020-12105 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited by injecting arbitrary web script or HTML in...
PT-2020-12102 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited in admin/manage-tickets.php by adding a question mark ?...
PT-2020-12069 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited in admin/add-user.php by adding a question mark ? followed ...
PT-2020-12065 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited in admin/add-group.php by adding a question mark ? followed...
PT-2020-12078 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited in admin/edit-subscriber.php by adding a question mark ?...
PT-2020-12074 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited by injecting arbitrary web script or HTML in...
CVE-2018-10082
CMS Made Simple CMSMS through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in admin/inc/header.php in Maian Search 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 header, 2 header2, 3 header3, 4 header4, 5 header5, 6 header6, 7 header7, 8 header8, and 9 header9 parameters...
CVE-2008-2204
Multiple cross-site scripting XSS vulnerabilities in admin/inc/header.php in Maian Search 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 header, 2 header2, 3 header3, 4 header4, 5 header5, 6 header6, 7 header7, 8 header8, and 9 header9 parameters...
CVE-2008-2201
Multiple cross-site scripting XSS vulnerabilities in admin/inc/header.php in Maian Recipe 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 header, 2 header2, 3 header3, 4 header4, 5 header5, 6 header6, 7 header7, 8 header8, and 9 header9 parameters...
CVE-2008-2212
Multiple cross-site scripting XSS vulnerabilities in Maian Cart 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 msgadminheader, 2 msgadminheader2, 3 msgadminheader3, 4 msgadminheader4, and unspecified other parameters to admin/inc/header.php; the 5 msgscript3 and...
CVE-2008-2204
Multiple cross-site scripting XSS vulnerabilities in admin/inc/header.php in Maian Search 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 header, 2 header2, 3 header3, 4 header4, 5 header5, 6 header6, 7 header7, 8 header8, and 9 header9 parameters...
CVE-2008-2212
CVE-2008-2212 affects Maian Cart 1.1 with multiple cross-site scripting (XSS) vulnerabilities. The flaws allow remote attackers to inject arbitrary script/HTML via: (1) msg_adminheader, (2) msg_adminheader2, (3) msg_adminheader3, (4) msg_adminheader4 in admin/inc/header.php; (5) msg_script3 and o...
Social Engine 2.0 Multiple Local File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications =============================================================== Social Engine 2.0 Multiple Local File Inclusion Vulnerabilities ===============================================================...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in admin/header.php in Toms Gaestebuch 1.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 langadminseite, 2 langueberschrift, or 3 einstmetachar parameter, different vectors than CVE-2007-4711...
Remote file inclusion
PHP remote file inclusion vulnerability in admin/header.php in PHP Real Estate Classifieds Premium Plus allows remote attackers to execute arbitrary PHP code via a URL in the loc parameter...
DEBIAN-CVE-2004-1559
Multiple cross-site scripting XSS vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 redirectto, text, popupurl, or popuptitle parameters to wp-login.php, 2 redirecturl parameter to admin-header.php, 3 popuptitle, popupurl, content, or posttit...
WordPress Core 1.2 - 'admin-header.php?redirect_url' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. Wordpress 1.2 is reported vulnerable, however, other...