8 matches found
EUVD-2007-0122
Malware in sbrugna...
EditTag 1.2 edittag.pl file Variable Arbitrary File Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/21890/info EditTag is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote attacker to access any file...
Path traversal
Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow remote attackers to read arbitrary files via an absolute pathname in the file parameter to 1 edittag.cgi, 2 edittag.pl, 3 edittagmp.cgi, or 4 edittagmp.pl...
CVE-2007-0119
Multiple cross-site scripting XSS vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to 1 mkpwmp.cgi, 2 mkpw.pl, or 3 mkpw.cgi...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to 1 mkpwmp.cgi, 2 mkpw.pl, or 3 mkpw.cgi...
CVE-2007-0119
Multiple cross-site scripting XSS vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to 1 mkpwmp.cgi, 2 mkpw.pl, or 3 mkpw.cgi...
EditTag 1.2 - mkpw_mp.cgi?plain Cross-Site Scripting
EditTag 1.2 - mkpwmp.cgi?plain Cross-Site Scripting source: https://www.securityfocus.com/bid/21891/info EditTag is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...
EditTag 1.2 - 'mkpw.cgi?plain' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21891/info EditTag is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in t...