4 matches found
CVE-2012-2452
CVE-2012-2452 affects pragmaMx 1.x up to before 1.12.2, enabling XSS via two vectors: (1) name parameter in modules.php and (2) img_url parameter in includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php. The root cause is improper sanitization of user-supplied input. Impact is cross-site sc...
Multiple XSS in pragmaMx
Advisory ID: HTB23090 Product: pragmaMx Vendor: pragmaMx Team Vulnerable Versions: 1.12.1 and probably prior Tested Version: 1.12.1 Vendor Notification: 2 May 2012 Vendor Patch: 4 May 2012 Public Disclosure: 23 May 2012 Vulnerability Type: Cross-Site Scripting XSS CVE Reference: CVE-2012-2452...
pragmaMx 1.12.1 Cross Site Scripting
Exploit for php platform in category web applications Product: pragmaMx Vendor: pragmaMx Team Vulnerable Versions: 1.12.1 and probably prior Tested Version: 1.12.1 Vendor Notification: 2 May 2012 Vendor Patch: 4 May 2012 Public Disclosure: 23 May 2012 Vulnerability Type: Cross-Site Scripting XSS...
pragmaMx 1.12.1 Cross Site Scripting
Advisory ID: HTB23090 Product: pragmaMx Vendor: pragmaMx Team Vulnerable Versions: 1.12.1 and probably prior Tested Version: 1.12.1 Vendor Notification: 2 May 2012 Vendor Patch: 4 May 2012 Public Disclosure: 23 May 2012 Vulnerability Type: Cross-Site Scripting XSS CVE Reference: CVE-2012-2452...