2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in Bitweaver 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to 1 edit.php and 2 list.php in articles/; 3 listblogs.php and 4 rankings.php in blogs/; 5 calendar/index.php; 6 calendar.php, 7 index.php, and 8...
CVE-2005-4379
Bitweaver 1.1 and 1.1.1 beta are affected by multiple cross-site scripting (XSS) vulnerabilities. The issues allow remote attackers to inject arbitrary web script or HTML via specific parameters: (1) sort_mode in fisheye/list_galleries.php, messages/message_box.php, and users/my.php; (2) post_id ...