4 matches found
EUVD-2008-3650
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in XRMS allow remote attackers to inject arbitrary web script or HTML via 1 the real name field, related to the user list; 2 the target parameter to login.php, 3 the title parameter to activities/some.php, 4 the companyname parameter to...
CVE-2008-3398
Multiple cross-site scripting XSS vulnerabilities in XRMS CRM 1.99.2 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to unspecified components, possibly including login.php. NOTE: this may overlap CVE-2008-1129...
CVE-2008-1129
XRMS CRM contains a Cross-site scripting (XSS) vulnerability in admin/users/self.php exploitable via the msg parameter. The CVE-2008-1129 entry notes remote script/HTML injection, with XSS details corroborated by related XRMS disclosures (and cross-referenced CVEs such as CVE-2008-3398 and CVE-20...