4 matches found
CVE-2012-4029
Cross-site scripting XSS vulnerability in main/dropbox/index.php in Chamilo LMS before 1.8.8.6 allows remote attackers to inject arbitrary web script or HTML via the categoryname parameter in an addsentcategory action...
CVE-2012-4029
Cross-site scripting XSS vulnerability in main/dropbox/index.php in Chamilo LMS before 1.8.8.6 allows remote attackers to inject arbitrary web script or HTML via the categoryname parameter in an addsentcategory action...
CVE-2012-4029
CVE-2012-4029 is a documented XSS vulnerability in Chamilo LMS before 1.8.8.6. The flaw occurs in main/dropbox/index.php via the category_name parameter in an addsentcategory action, allowing remote attackers to inject arbitrary web script or HTML. The issue is part of Chamilo 1.8.8.4/1.8.8.6 fam...
Chamilo 1.8.8.4 XSS / File Deletion
Chamilo 1.8.8.4 Multiple Vulnerabilities ======================== CVE: CVE-2012-4029 Issue: Reflected XSS PHPSELF in third-party app, Stored XSS PHPSELF XSS http://chamilo-1.8.8.4/main/inc/lib/phpdocx/pdf/www/examples.php/'" Stored XSS unfiltered input categoryname...