Lucene search
K

4 matches found

NVD
NVD
added 2014/11/06 3:55 p.m.13 views

CVE-2014-8352

Cross-site scripting XSS vulnerability in json.php in French National Commission on Informatics and Liberty aka CNIL CookieViz allows remote we servers to inject arbitrary web script or HTML via the maxdate parameter...

4.3CVSS5.7AI score0.01481EPSS
Exploits3References4
Cvelist
Cvelist
added 2014/11/06 3:0 p.m.18 views

CVE-2014-8352

Cross-site scripting XSS vulnerability in json.php in French National Commission on Informatics and Liberty aka CNIL CookieViz allows remote we servers to inject arbitrary web script or HTML via the maxdate parameter...

5.7AI score0.01481EPSS
Exploits3References4
CVE
CVE
added 2014/11/06 3:0 p.m.32 views

CVE-2014-8352

CVE-2014-8352 affects CNIL CookieViz: the json.php endpoint is vulnerable to cross-site scripting via the max_date parameter, allowing remote injection of arbitrary script/HTML. The NVD entry lists a MEDIUM base score (CVSS2: AV:N/AC:M/Au:N/C:N/I:P/A:N; base 4.3) with partial integrity impact and...

4.3CVSS5.8AI score0.01481EPSS
Exploits3References4Affected Software1
0day.today
0day.today
added 2014/11/05 12:0 a.m.64 views

CNIL CookieViz Cross Site Scripting / SQL Injection Vulnerabilities

CNIL CookieViz suffers from cross site scripting and remote SQL injection vulnerabilities. CNIL CookieViz XSS + SQL injection leading to user pwnage Product link: https://github.com/LaboCNIL/CookieViz CVE references CVE-2014-8351, CVE-2014-8352 TL;DR ----- Since October 2014, the French National...

7.5CVSS7.4AI score0.01656EPSS
Exploits4
Rows per page
Query Builder