2 matches found
CVE-2014-9004
This CVE concerns the Web app component vldPersonals. Affected version: before 2.7.1. Root cause: a Cross‑Site Scripting (XSS) vulnerability in the member_profile action of index.php, exploitable via the id parameter. Impact: remote attackers can inject arbitrary web scripts or HTML, potentially ...
CVE-2014-9004
creationtimestamp| type| source ---|---|--- 2014-11-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35193...