13 matches found
Kubik-Rubik Simple Image Gallery Extended Cross-Site Scripting Vulnerability in Joomla!
Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other features . Kubik-Rubik Simple Image Gallery Extended SIGE extension is to use one of the image management extension component. A cross-si...
CVE-2018-7717
The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik Simple Image Gallery Extended SIGE extension 3.2.3 for Joomla! has XSS via a crafted image header, as demonstrated by the Caption-Abstract header object in a JPEG file. This is fixed in 3.3.1...
Design/Logic Flaw
The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik Simple Image Gallery Extended SIGE extension 3.2.3 for Joomla! has XSS via a crafted image header, as demonstrated by the Caption-Abstract header object in a JPEG file. This is fixed in 3.3.1...
Kubik-Rubik Simple Image Gallery Extended (SIGE),3.2.3,XSS (Cross Site Scripting)
Kubik-Rubik Simple Image Gallery Extended SIGE, versions 3.2.3 and previous, XSS Cross Site Scripting resolution: update to 3.2.4 latest release is 3.3.0 update notice: https://joomla-extensions.kubik-rubik.de/sige-simple-image-gallery-extendedchangelog Note that the developer did not inform the ...
CVE-2017-16356
Reflected XSS in Kubik-Rubik SIGE aka Simple Image Gallery Extended before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/pluginsige/print.php link with a crafted img, name, or caption parameter...
Cross site scripting
Reflected XSS in Kubik-Rubik SIGE aka Simple Image Gallery Extended before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/pluginsige/print.php link with a crafted img, name, or caption parameter...
CVE-2017-16356
Reflected XSS in Kubik-Rubik SIGE aka Simple Image Gallery Extended before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/pluginsige/print.php link with a crafted img, name, or caption parameter...
CVE-2017-16356
CVE-2017-16356 affects Kubik-Rubik Simple Image Gallery Extended (SIGE) for Joomla. The vulnerability is a reflected XSS in print.php that allows JavaScript injection via crafted parameters (caption; also name/img in older versions). Impact is execution of script in the victim’s browser. Affected...
CVE-2017-16356
Reflected XSS in Kubik-Rubik SIGE aka Simple Image Gallery Extended before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/pluginsige/print.php link with a crafted img, name, or caption parameter...
Joomla Kubik-Rubik Simple Image Gallery Extended (SIGE) 3.2.3 Component - Cross-Site Scripting
Exploit for php platform in category web applications Exploit Title: Joomla! Component SIGE version 3. Solution: Update to version 3.3.0 https://downloads.kubik-rubik.de/joomla-extensions/plgsigev3.3.0.zip 0day.today 2018-04-11...
Joomla! Component Kubik-Rubik Simple Image Gallery Extended (SIGE) 3.2.3 - Cross-Site Scripting
Joomla! Component Kubik-Rubik Simple Image Gallery Extended SIGE 3.2.3 - Cross-Site Scripting Exploit Title: Joomla! Component SIGE version 3. Solution: Update to version 3.3.0 https://downloads.kubik-rubik.de/joomla-extensions/plgsigev3.3.0.zip...
Joomla Kubik-Rubik SIGE 3.2.3 Cross Site Scripting
Exploit Title: Joomla! Component SIGE version 3. Solution: Update to version 3.3.0 https://downloads.kubik-rubik.de/joomla-extensions/plgsigev3.3.0.zip...
Joomla! Component Kubik-Rubik Simple Image Gallery Extended (SIGE) 3.2.3 - Cross-Site Scripting
Exploit Title: Joomla! Component SIGE version 3. Solution: Update to version 3.3.0 https://downloads.kubik-rubik.de/joomla-extensions/plgsigev3.3.0.zip...