14 matches found
EUVD-2016-2283
Malware in sbrugna...
appleple a-blog cms 跨站脚本漏洞
appleple a-blog cms is a content management system from appleple. A cross-site scripting vulnerability exists in appleple a-blog cms versions prior to 3.1.43, which stems from improper input neutralization and could lead to cross-site scripting attacks...
appleple a-blog cms 代码问题漏洞
appleple a-blog cms is a content management system from appleple, Inc. A code issue vulnerability exists in appleple a-blog cms, which stems from server-side request forgery and could lead to the acquisition of sensitive information...
appleple a-blog cms 安全漏洞
appleple a-blog cms is a content management system from appleple, Inc. A security vulnerability exists in appleple a-blog cms, which stems from improper log cleaning and could allow a remote, unauthenticated attacker to hijack a legitimate user session...
appleple a-blog cms 代码问题漏洞
appleple a-blog cms is a content management system from appleple. A code issue vulnerability exists in versions of appleple a-blog cms prior to Ver.3.1.37, which stems from improper handling of deserialization of untrustworthy data, which could lead to the execution of arbitrary script...
Appleple a-blog cms 代码注入漏洞
Appleple a-blog cms is a content management system CMS from appleple Appleple Japan. A code injection vulnerability exists in Appleple a-blog cms, which is vulnerable due to a template injection issue. A remote user can obtain arbitrary files on the server. The vulnerability allows remote attacke...
Appleple a-blog cms 跨站脚本漏洞
Appleple a-blog cms is a content management system CMS from appleple Appleple Japan. The a-blog cms suffers from a cross-site scripting vulnerability that exists due to insufficient cleaning of user-supplied data. A remote user can trick a victim into clicking on a specially crafted link and...
appleple a-blog cms cross-site scripting vulnerability (CNVD-2020-02706)
appleple a-blog cms is a content management system CMS from appleple Japan. A cross-site scripting vulnerability exists in appleple a-blog cms versions 2.10.x before 2.10.23, 2.9.x before 2.9.26, and 2.8.x before 2.8.64. The vulnerability stems from a lack of proper validation of client-side data...
CVE-2016-1178
The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to obtain or modify sensitive data via unspecified vectors...
CVE-2016-1179
Cross-site scripting XSS vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML...
CVE-2016-1178
The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to obtain or modify sensitive data via unspecified vectors...
CVE-2016-1178
The CVE-2016-1178 issue affects appleple a-blog cms up to version 2.6.0.1, where a flaw in the session management of the comment feature allows remote attackers to obtain or modify sensitive data. Related sources describe concrete impacts: an unauthenticated attacker could delete arbitrary commen...
CVE-2016-1179
The CVE-2016-1179 issue affects appleple a-blog cms (2.6.0.1 and earlier). The vulnerability is a Cross-site Scripting (XSS) in the standard template of the comment functionality, allowing an attacker to inject arbitrary script/HTML into user browsers. Affected component: the comment template in ...
appleple a-blog cms cross-site scripting vulnerability
appleple a-blog cms is a content management system CMS from appleple Japan. A cross-site scripting vulnerability exists in appleple a-blog cms 2.6.0.1 and earlier versions. An attacker can exploit this vulnerability to inject arbitrary web script or HTML...