UBUNTU-CVE-2021-28940

Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. This creates an issue on the /scripts/magpiedebug.php and /scripts/magpiesimple.php page that if you send a specific https url in the RS...

WordPress WP-Planet Cross-Site Scripting Vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WP-Planet is one of the plugins used in it. WordPress WP-Planet 0.1 and earlier versions of the rss.class/scripts/magpiedebug.php...

Feed to JavaScript 'magpie_debug.php' HTML Injection Vulnerability

Feed to JavaScript is a set of tools to output feed content in JS and embed it into a web page to make a list of articles. An HTML injection vulnerability exists in Feed to JavaScript, which can be exploited by remote attackers to inject malicious script or HTML code, which can be used to obtain...

Feed2JS 'magpie_debug.php' Cross-Site Scripting Vulnerability

Feed2JS is the feed content to JS output , easy to embed in the page to make a list of articles . Feed2JS magpiedebug.php handles the url with a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used ...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Exponent CMS 0.96.6 Alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 url parameter to a magpiedebug.php and b magpiesimple.php in external/magpierss/scripts/, the 2 rssurl parameter to c magpieslashbox.p...