3 matches found
CVE-2009-0541
Multiple cross-site scripting XSS vulnerabilities in Magento 1.2.0 and 1.2.1.1 allow remote attackers to inject arbitrary web script or HTML via 1 the username field in an admin/ request to index.php, possibly related to the loginusername parameter and the app/code/core/Mage/Admin/Model/Session.p...
CVE-2009-0541
CVE-2009-0541 describes multiple cross-site scripting (XSS) vulnerabilities in Magento 1.2.0 and 1.2.1.1. The issue arises from insufficient input sanitization in three areas: (1) admin login via index.php (username field, likely login[username]); (2) admin forgot password flow via index.php (ema...
CVE-2009-0541
creationtimestamp| type| source ---|---|--- 2009-02-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32808 2009-02-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32809 2009-02-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32810 2026-04-23...