Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 12:34 p.m.8 views

CVE-2010-1453

Cross-site scripting XSS vulnerability in the Login form in Piwik 0.1.6 through 0.5.5 allows remote attackers to inject arbitrary web script or HTML via the formurl parameter...

4.3CVSS5.8AI score0.02988EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2010/05/14 12:0 a.m.21 views

FreeBSD Ports: piwik

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS6.6AI score0.02988EPSS
Exploits1References2
seebug.org
seebug.org
added 2010/05/10 12:0 a.m.18 views

Piwik < 0.6 form_url参数跨站脚本漏洞

BugCVE: CVE-2010-1453 BUGTRAQ: 39144 Piwik是一款利用Php+MySQL技术构建的开源网页访问统计系统。 Piwik没有正确地过滤提交给index.php页面的formurl参数便返回给了用户,攻击者诱骗用户跟随恶意的登录URL链接就可以执行反射式跨站脚本攻击,导致在用户浏览器会话中执行任意HTML和脚本代码。 Piwik 0.6 厂商补丁: Piwik ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://piwik.org/latest.zip...

4.3CVSS6.5AI score0.02988EPSS
Exploits1
Debian CVE
Debian CVE
added 2010/05/07 5:43 p.m.11 views

CVE-2010-1453

Cross-site scripting XSS vulnerability in the Login form in Piwik 0.1.6 through 0.5.5 allows remote attackers to inject arbitrary web script or HTML via the formurl parameter...

4.3CVSS5.9AI score0.02988EPSS
Exploits1
CVE
CVE
added 2010/05/07 5:43 p.m.60 views

CVE-2010-1453

The CVE-2010-1453 issue affects Piwik up to v0.5.5, where the Login form did not properly filter the form_url parameter, enabling reflected XSS. Affected versions include 0.1.6 through 0.5.5; exploitation allows remote injection of arbitrary script/HTML via form_url. Several connected sources (Re...

4.3CVSS5.7AI score0.02988EPSS
Exploits1References5Affected Software2
Rows per page
Query Builder