CI4MS 跨站脚本漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 31.0.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the failure to properly clean user-controlled input when users updated their profile names, which could lead to...

CI4MS 安全漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.28.5.0 contained security vulnerabilities. These vulnerabilities stemmed from email enumeration issues in the authentication implementation. Unverified attackers could determine whether email...

WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities

WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 1. Advisory Information Title: Multiple Vulnerabilities in Mingle Forum WordPress Plugin Advisory URL: http://www.charleshooper.net/advisories/ Date Published: January 8th, 2011 Vendors...

a-blog cross-site scripting vulnerability

Overview a-blog, a server-based blog tool from appleple, Inc. contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution None...