15 matches found
EUVD-2019-7873
Malware in sbrugna...
CVE-2019-17522
A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the adminindex.php?page=settings SITE NAME field aka SITENAME, a related issue to CVE-2011-4709.1...
Hotaru CMS Cross-Site Scripting Vulnerability
Hotaru CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in Hotaru CMS v1.7.2. The vulnerability stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability to...
CVE-2019-17522
A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the adminindex.php?page=settings SITE NAME field aka SITENAME, a related issue to CVE-2011-4709.1...
CVE-2019-17522
A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the adminindex.php?page=settings SITE NAME field aka SITENAME, a related issue to CVE-2011-4709.1...
Cross site scripting
A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the adminindex.php?page=settings SITE NAME field aka SITENAME, a related issue to CVE-2011-4709.1...
CVE-2019-17522
CVE-2019-17522 is a stored XSS vulnerability in Hotaru CMS v1.7.2. The issue is exploitable via the admin_index.php?page=settings SITE NAME field (SITE_NAME), allowing a malicious input to be stored and later reflected to an administrator, with the potential to execute client-side scripts. The re...
CVE-2019-17522
A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the adminindex.php?page=settings SITE NAME field aka SITENAME, a related issue to CVE-2011-4709.1...
CVE-2011-4709
Multiple cross-site scripting XSS vulnerabilities in Hotaru.php in the Search plugin 1.3 for Hotaru CMS allow remote attackers to inject arbitrary web script or HTML via the 1 SITENAME parameter to adminindex.php, or the 2 return and 3 search parameters to index.php. NOTE: some of these details a...
CVE-2011-4709
Multiple cross-site scripting XSS vulnerabilities in Hotaru.php in the Search plugin 1.3 for Hotaru CMS allow remote attackers to inject arbitrary web script or HTML via the 1 SITENAME parameter to adminindex.php, or the 2 return and 3 search parameters to index.php. NOTE: some of these details a...
CVE-2011-4709
CVE-2011-4709 is an XSS issue in Hotaru CMS (admin_index.php SITE_NAME and related admin/index parameters). Connected Red Hat/Veracode records tie a stored-XSS variant to Hotaru CMS v1.7.2 via SITE_NAME, indicating a broader XSS lineage. The sources here do not specify exact affected versions or ...
Search Plugin for Hotaru CMS 1.4.2 - admin_index.php?site_name Cross-Site Scripting
Search Plugin for Hotaru CMS 1.4.2 - adminindex.php?sitename Cross-Site Scripting source: https://www.securityfocus.com/bid/50657/info Hotaru CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically...
Hotaru CMS 1.4.2 Cross Site Scripting
Hotaru CMS 1.4.2 SITENAME Parameter Stored XSS Vulnerability function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; input type="hidden" name="SITENAME" val...
Search Plugin for Hotaru CMS 1.4.2 - 'admin_index.php?site_name' Cross-Site Scripting
source: https://www.securityfocus.com/bid/50657/info Hotaru CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script...
Hotaru CMS 1.4.2 SITE_NAME Parameter Stored XSS Vulnerability
Summary Hotaru CMS is an open source, PHP platform for building your own websites. With flexible plugins and themes, you can make any site you like. Description The CMS suffers from multiple XSS vulnerabilities. Input thru the POST parameters 'SITENAME' stored, 'return' reflected and the GET...