EUVD-2007-3205

Malware in sbrugna...

Movable Type mt-comments.cgi static Parameter XSS

The version of Movable Type running on the remote host is affected by a cross-site scripting vulnerability because the application fails to properly sanitize input to the 'static' parameter of the 'mt-comments.cgi' script. An attacker may be able to leverage this to inject arbitrary HTML and scri...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in comments.cgi in Sporum Forum 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 view and 2 mode parameters...

CVE-2007-3213

Multiple cross-site scripting XSS vulnerabilities in comments.cgi in Sporum Forum 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 view and 2 mode parameters...

CVE-2005-3104

mt-comments.cgi in Movable Type before 3.2 allows attackers to redirect users to other web sites via URLs in comments...

Movable Type < 3.2 Multiple Vulnerabilities

The version of Movable Type installed on the remote host is affected by multiple vulnerabilities : - The application allows an attacker to enumerate valid usernames because its password reset functionality returns different errors depending on whether the supplied username exists. CVE-2005-3101 -...