2 matches found
BlogoText Cross-Site Scripting Attack Vulnerability
BlogoText is a lightweight SQLite blogging engine. A cross-site scripting vulnerability exists in BlogoText versions prior to 3.7.6. The vulnerability can be exploited remotely to inject JavaScript code with the help of comments in the inc/conv.php file...
BlogoText 'markup_clean_href' function cross-site scripting vulnerability
BlogoText is a lightweight SQLite blogging engine. A cross-site scripting vulnerability exists in the 'markupcleanhref' function in the inc/conv.php file in BlogoText 3.7.6 and earlier versions. A remote attacker can exploit this vulnerability to inject arbitrary JavaScript code with the help of ...