6 matches found
EUVD-2007-3281
Malware in sbrugna...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the article name field in plugins/content/pages/content.php, accessible over the content/edit endpoint. An attacker can steal cookies and perform session hijacking by injecting malicious scripts. Details...
Stored XSS in REDAXO
Summary Stored XSS in REDAXO 5.18.1 - Article / "content/edit". Details On the latest version of Redaxo, v5.18.1, the article name field is susceptible to stored XSS. Impact A malicious actor can easily steal cookie using this stored XSS and perform a session hijacking attack...
CVE-2007-3291
Cross-site scripting XSS vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php...
CVE-2007-3291
CVE-2007-3291 describes a cross-site scripting (XSS) flaw in LiveCMS 3.4 and earlier. The vulnerability arises from handling the article name (potentially involving the titulo parameter in article.php), allowing remote attackers to inject arbitrary script/HTML. Evidence from NVD lists a MEDIUM im...
CVE-2007-3291
Cross-site scripting XSS vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php...