2 matches found
CVE-2010-2615
Multiple cross-site scripting XSS vulnerabilities in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 pagemenu and 2 description parameters in an editpage action...
CVE-2010-2615
Grafik CMS 1.1.2 (admin/admin.php) contains Cross-Site Scripting (XSS) flaws that allow injection of arbitrary HTML/JS via the page_menu (settings) and description (edit_page) parameters. The vulnerability arises from input sanitization errors in /admin/admin.php. Exploitation requires the attack...