4 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote attackers to inject arbitrary web script or HTML via the 1 cat and 2 file parameters in an editsite action, different vectors than CVE-2008-6127 and CVE-2009-1367...
CVE-2009-1367
Cross-site scripting XSS vulnerability in index.php in moziloCMS 1.11 allows remote attackers to inject arbitrary web script or HTML via the query parameter in search action, a different issue than CVE-2008-6127.2a...
CVE-2009-1367
Cross-site scripting XSS vulnerability in index.php in moziloCMS 1.11 allows remote attackers to inject arbitrary web script or HTML via the query parameter in search action, a different issue than CVE-2008-6127.2a...
CVE-2009-1367
MoziloCMS vulnerability CVE-2009-1367 affects moziloCMS 1.11 (index.php) with XSS via the search action parameter. The OpenVAS entry also notes a local file-include (LFI) and XSS issue in moziloCMS, indicating input sanitization failures. Affected component: moziloCMS web application; issue type:...