8 matches found
EUVD-2012-0356
Malware in sbrugna...
PortlandLabs Concrete CMS Cross-Site Scripting Vulnerability (CNVD-2021-76088)
PortlandLabs Concrete Cms is a team-oriented open source content management system for the United States PortlandLabs . A cross-site scripting vulnerability exists in PortlandLabs Concrete CMS that stems from the failure of the website field of the product's podcast comment feature to properly...
CVE-2012-0320
Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the 1 commenting feature and 2 community script...
Design/Logic Flaw
Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the 1 commenting feature and 2 community script...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the 1 commenting feature or 2 community script...
CVE-2012-0317
Multiple cross-site request forgery CSRF vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the 1 commenting feature or 2 community script...
CVE-2012-0320
CVE-2012-0320 affects Movable Type before 4.38, 5.0.x before 5.07, and 5.1.x before 5.13. The vulnerability allows remote attackers to take control of user sessions via the commenting feature and the community script, enabling session hijack. Relevant advisories reference upgrades to fixed releas...
CVE-2012-0320
Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the 1 commenting feature and 2 community script...