5 matches found
CVE-2009-2930
CVE-2009-2930 is an XSS vulnerability in elka CMS (aka Elkapax), affecting the Search feature. The issue allows remote attackers to inject arbitrary web script or HTML via the q parameter to the default URI. According to NVD, the exploitability vector is Network with Medium complexity and no auth...
Elkapax CMS Cross Site Scripting
================= IUT-CERT ================= Title: Elkapax CMS Multiple Vulnerabilities Vendor: www.elkapax.com Type: Input.Validation.Vulnerability Cross Site Scripting Fix: N/A ================== nsec.ir ================= Description: ------------------ Elkapax is a CMS producer in Iran. Searc...
Elkagroup Elkapax - q Cross-Site Scripting
Elkagroup Elkapax - q Cross-Site Scripting source: https://www.securityfocus.com/bid/43131/info Elkagroup Elkapax is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in...
Elkapax CMS Cross site scripting vulnerability
================= IUT-CERT ================= Title: Elkapax CMS Multiple Vulnerabilities Vendor: www.elkapax.com Type: Input.Validation.Vulnerability Cross Site Scripting Fix: N/A ================== nsec.ir ================= Description: ------------------ Elkapax is a CMS producer in Iran. Searc...
Elkagroup Elkapax - 'q' Cross-Site Scripting
source: https://www.securityfocus.com/bid/43131/info Elkagroup Elkapax is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...