EUVD-2008-1281

Malware in sbrugna...

ImageVue 1.7 - dirxml.php path Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

ImageVue 1.7 - upload.php path Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...

CVE-2008-1273

Multiple cross-site scripting XSS vulnerabilities in imageVue 1.7 allow remote attackers to inject arbitrary web script or HTML via the path parameter to 1 popup.php, 2 test/dir2.php, 3 admin/upload.php, and 4 dirxml.php in upload/. NOTE: the provenance of this information is unknown; the details...

CVE-2008-1273

Multiple cross-site scripting XSS vulnerabilities in imageVue 1.7 allow remote attackers to inject arbitrary web script or HTML via the path parameter to 1 popup.php, 2 test/dir2.php, 3 admin/upload.php, and 4 dirxml.php in upload/. NOTE: the provenance of this information is unknown; the details...

CVE-2008-1273

CVE-2008-1273 concerns multiple XSS vulnerabilities in imageVue 1.7. The affected functionality is in the upload directory, with vulnerable entry points at popup.php, test/dir2.php, admin/upload.php, and dirxml.php. The underlying issue is that the path parameter is not properly sanitized, enabli...

ImageVue 1.7 - 'upload.php?path' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28138/info Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...