EUVD-2012-4280

Malware in sbrugna...

CVE-2012-4336

Multiple cross-site scripting XSS vulnerabilities in index.php in Flogr 2.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO or 2 an arbitrary parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in Flogr 2.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO or 2 an arbitrary parameter...

CVE-2012-4336

CVE-2012-4336 affects Flogr 2.5.6 and earlier with multiple cross-site scripting (XSS) vulnerabilities in index.php. Web attackers can inject arbitrary script/HTML via (1) PATH_INFO (e.g., /index.php/) or (2) any GET parameter, leading to script execution in a victim’s browser. PoC examples and a...

CVE-2012-4336

Multiple cross-site scripting XSS vulnerabilities in index.php in Flogr 2.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO or 2 an arbitrary parameter...

Cross-Site Scripting (XSS) Vulnerabilities in Flogr

Advisory ID: HTB23110 Product: Flogr Vendor: Flogr Vulnerable Versions: 2.5.6 and probably prior Tested Version: 2.5.6 Vendor Notification: August 15, 2012 Public Disclosure: September 5, 2012 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2012-4336 CVSSv2 Base Score: 4.3...

Flogr 2.5.6 Cross Site Scripting

Advisory ID: HTB23110 Product: Flogr Vendor: Flogr Vulnerable Versions: 2.5.6 and probably prior Tested Version: 2.5.6 Vendor Notification: August 15, 2012 Public Disclosure: September 5, 2012 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2012-4336 CVSSv2 Base Score: 4.3...

Flogr 2.5.6 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Product: Flogr Vendor: Flogr Vulnerable Versions: 2.5.6 and probably prior Tested Version: 2.5.6 Vendor Notification: August 15, 2012 Public Disclosure: September 5, 2012 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...

Flogr - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/55418/info Flogr is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Flogr - index.php Multiple Cross-Site Scripting Vulnerabilities

Flogr - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/55418/info Flogr is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrar...

Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities

Title: ====== Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities Date: ===== 2012-07-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=656 VL-ID: ===== 656 Common Vulnerability Scoring System: ==================================== 2 Introduction: ============= Flog...

Cross-Site Scripting (XSS) Vulnerabilities in Flogr

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Flogr, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS Vulnerabilities in Flogr: CVE-2012-4336 Input appended to the URL after /index.php is not properly sanitised before...

Flogr 2.5.6 / 2.3 Cross Site Scripting Vulnerabilities

Exploit for php platform in category web applications Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities Details: ======== Multiple non persistent cross site scripting vulnerabilities are detected in the Flogr v2.5.6 & v2.3 photo gallery CMS. The vulnerability allows remote attackers to hija...

Flogr 2.5.6 / 2.3 Cross Site Scripting

Title: ====== Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities Date: ===== 2012-07-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=656 VL-ID: ===== 656 Common Vulnerability Scoring System: ==================================== 2 Introduction: ============= Flog...

Flogr V1.7 Xss Vulnerability

Exploit Title : Flogr V1.7 Xss Vulnerability Author : Iranian Security & Research Team Discovered By : Nafsh Home : sec-lab.ir Contact : research at sec-lab dot ir Date : 23/1/2012 - 16:00 Source : www.flogr.googlecode.com...

Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities

Document Title: =============== Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=656 Release Date: ============= 2012-07-10 Vulnerability Laboratory ID VL-ID: ==================================== 656...

Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities

Document Title: =============== Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=656 Release Date: ============= 2012-07-10 Vulnerability Laboratory ID VL-ID: ==================================== 656...

Flogr - tag Multiple Cross-Site Scripting Vulnerabilities

Flogr - tag Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54354/info Flogr is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

Flogr - 'tag' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/54354/info Flogr is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user...

Flogr 1.7 Cross Site Scripting

Exploit Title : Flogr V1.7 Xss Vulnerability Author : Iranian Security & Research Team Discovered By : Nafsh Home : sec-lab.ir Contact : research at sec-lab dot ir Date : 23/1/2012 - 16:00 Source : www.flogr.googlecode.com DorK : inurl:"tag=" "powered by flogr v1.7" Expl0iTs:...