2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in Bitweaver 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the URL parameter to 1 edit.php and 2 list.php in articles/; 3 listblogs.php and 4 rankings.php in blogs/; 5 calendar/index.php; 6 calendar.php, 7 index.php, and 8...
CVE-2007-0526
CVE-2007-0526 describes multiple XSS vulnerabilities in Bitweaver 1.3.1. The attack vectors exploit the PATH_INFO portion of the URL to inject arbitrary script/HTML via the following pages: articles/edit.php, articles/list.php, blogs/list_blogs.php, and blogs/rankings.php. Root cause is cross-sit...