2 matches found
CVE-2012-1296
Multiple cross-site scripting XSS vulnerabilities in apps/admin/handlers/preview.php in Elefant CMS 1.0.x before 1.0.2-Beta and 1.1.x before 1.1.5-Beta allow remote attackers to inject arbitrary web script or HTML via the 1 title or 2 body parameter to admin/preview...
Multiple vulnerabilities in Elefant CMS
Advisory ID: HTB23076 Product: Elefant CMS Vendor: Elefant CMS Vulnerable Versions: 1.1.3 beta and probably prior Tested Version: 1.1.3 beta Vendor Notification: 22 February 2012 Vendor Patch: 22 February 2012 Public Disclosure: 14 March 2012 Vulnerability Type: SQL Injection, XSS Cross Site...