11 matches found
EUVD-2007-1237
Malware in sbrugna...
Docebo CMS 3.0.x index.php searchkey Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22719/info Docebo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...
Docebo CMS 3.0.x modules/htmlframechat/index.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22719/info Docebo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Docebo CMS 3.0.3 through 3.0.5 allow remote attackers to inject arbitrary web script or HTML via 1 the searchkey parameter to index.php, or the 2 sn or 3 ri parameter to modules/htmlframechat/index.php. NOTE: the provenance of this information ...
CVE-2007-1240
CVE-2007-1240 involves multiple cross-site scripting (XSS) vulnerabilities in Docebo CMS 3.0.3 through 3.0.5. The flaws allow remote attackers to inject arbitrary web script or HTML via specific parameters: (1) searchkey to index.php, and (2) sn or (3) ri to modules/htmlframechat/index.php. The d...
CVE-2007-1240
Multiple cross-site scripting XSS vulnerabilities in Docebo CMS 3.0.3 through 3.0.5 allow remote attackers to inject arbitrary web script or HTML via 1 the searchkey parameter to index.php, or the 2 sn or 3 ri parameter to modules/htmlframechat/index.php. NOTE: the provenance of this information ...
Docebo CMS 3.0.x - index.php?searchkey Cross-Site Scripting
Docebo CMS 3.0.x - index.php?searchkey Cross-Site Scripting Docebo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...
Docebo CMS 3.0.x - '/modules/htmlframechat/index.php' Multiple Cross-Site Scripting Vulnerabilities
Docebo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...
DoceboCMS303.txt
----------------------------------------------------- Advisory id: FSA:007 Author: Federico Fazzi Date: 09/06/2006, 6:10 Sinthesis: Docebo CMS 3.0.3, Remote command execution Type: high Product: http://www.docebolms.org/ Patch: unavailable ----------------------------------------------------- 1...
Docebo CMS 3.0.3, Remote command execution
----------------------------------------------------- Advisory id: FSA:007 Author: Federico Fazzi Date: 09/06/2006, 6:10 Sinthesis: Docebo CMS 3.0.3, Remote command execution Type: high Product: http://www.docebolms.org/ Patch: unavailable ----------------------------------------------------- 1...
[Full-disclosure] Docebo CMS 3.0.3, Remote command execution
----------------------------------------------------- Advisory id: FSA:007 Author: Federico Fazzi Date: 09/06/2006, 6:10 Sinthesis: Docebo CMS 3.0.3, Remote command execution Type: high Product: http://www.docebolms.org/ Patch: unavailable ----------------------------------------------------- 1...