2 matches found
CVE-2006-0443
CVE-2006-0443 describes a cross-site scripting (XSS) flaw in CheesyBlog 1.0 (archive.php) that allows remote attackers to inject arbitrary script/HTML via the realname, comment parameters, or a javascript: URI in the url parameter when adding a comment. Affected component is the archive.php handl...
CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities
CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/16376/info CheesyBlog is prone to multiple HTML injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in dynamically generated...