4 matches found
CVE-2014-8352
Cross-site scripting XSS vulnerability in json.php in French National Commission on Informatics and Liberty aka CNIL CookieViz allows remote we servers to inject arbitrary web script or HTML via the maxdate parameter...
CVE-2014-8352
Cross-site scripting XSS vulnerability in json.php in French National Commission on Informatics and Liberty aka CNIL CookieViz allows remote we servers to inject arbitrary web script or HTML via the maxdate parameter...
CVE-2014-8352
CVE-2014-8352 affects CNIL CookieViz: the json.php endpoint is vulnerable to cross-site scripting via the max_date parameter, allowing remote injection of arbitrary script/HTML. The NVD entry lists a MEDIUM base score (CVSS2: AV:N/AC:M/Au:N/C:N/I:P/A:N; base 4.3) with partial integrity impact and...
CNIL CookieViz Cross Site Scripting / SQL Injection Vulnerabilities
CNIL CookieViz suffers from cross site scripting and remote SQL injection vulnerabilities. CNIL CookieViz XSS + SQL injection leading to user pwnage Product link: https://github.com/LaboCNIL/CookieViz CVE references CVE-2014-8351, CVE-2014-8352 TL;DR ----- Since October 2014, the French National...