4 matches found
EUVD-2012-2898
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in Upload/engine.php in Chevereto 1.91 allows remote attackers to inject arbitrary web script or HTML via the v parameter...
CVE-2012-2918
Cross-site scripting XSS vulnerability in Upload/engine.php in Chevereto 1.91 allows remote attackers to inject arbitrary web script or HTML via the v parameter...
CVE-2012-2918
Chevereto 1.91 is affected by CVE-2012-2918 due to a cross-site scripting (XSS) flaw in Upload/engine.php that allows injecting arbitrary web script or HTML via the v parameter. The vulnerability is tied to the engine.php handler in Chevereto 1.91; exploitation details are not provided in the ava...