3 matches found
CVE-2015-1053
Cross-site scripting XSS vulnerability in the administrative backend in Croogo before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the path parameter to admin/filemanager/filemanager/editfile...
CVE-2015-1053
The CVE-2015-1053 entry relates to Croogo’s administrative backend, where an XSS flaw exists in versions prior to 2.2.1. The vulnerability arises from the path parameter used by admin/file_manager/file_manager/editfile, enabling remote attackers to inject arbitrary web script or HTML. Reports acr...
CVE-2015-1053
Cross-site scripting XSS vulnerability in the administrative backend in Croogo before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the path parameter to admin/filemanager/filemanager/editfile...