2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in EditeurScripts EsContacts 1.0 allow remote authenticated users to inject arbitrary web script or HTML via the msg parameter to 1 login.php, 2 importer.php, 3 addgroupe.php, 4 contacts.php, 5 groupes.php, and 6 search.php...
CVE-2008-2037
CVE-2008-2037 describes multiple XSS vulnerabilities in EditeurScripts EsContacts 1.0, exploitable by remote authenticated users via the msg parameter in login.php, importer.php, add_groupe.php, contacts.php, groupes.php, and search.php. The linked evidence from connected sources confirms the aff...