7 matches found
EUVD-2007-3229
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in searchform.php in the AndyBlue theme before 20070607 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PHPSELF portion of a URI to index.php. NOTE: this can be leveraged for PHP code execution in an administrative sessio...
CVE-2007-3239
Cross-site scripting XSS vulnerability in searchform.php in the AndyBlue theme before 20070607 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PHPSELF portion of a URI to index.php. NOTE: this can be leveraged for PHP code execution in an administrative sessio...
CVE-2007-3239
The CVE-2007-3239 entry describes an XSS vulnerability in the AndyBlue WordPress theme (pre-20070607) via the PHP_SELF value in searchform.php used by index.php. The underlying issue is reflected/script injection in the search form, which could be leveraged to execute arbitrary script or HTML in ...
CVE-2007-3239
Cross-site scripting XSS vulnerability in searchform.php in the AndyBlue theme before 20070607 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PHPSELF portion of a URI to index.php. NOTE: this can be leveraged for PHP code execution in an administrative sessio...
Andyblue < 20070607 - XSS
The andyblue WordPress theme was affected by a XSS security vulnerability...
WordPress AndyBlue Theme - XSS
Because of this vulnerability in searchform.php, the attackers can inject arbitrary web script or HTML. Solution Update the theme...