7 matches found
Maran PHP Blog 'comments.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30309/info Maran PHP Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...
Maran PHP Blog Xss By Khashayar Fereidani
---------------------------------------------------------------- Script : Maran PHP Blog Type : XSS Pasive Method : GET Alert : Medium ---------------------------------------------------------------- Discovered by : Khashayar Fereidani a.k.a. Dr.Crash My Offical Website : HTTP://FEREIDANI.IR...
Maran PHP Blog - 'comments.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/30309/info Maran PHP Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...
CVE-2007-3198
Cross-site scripting XSS vulnerability in comments.php in Maran PHP Blog Maran Blog, possibly only versions before 20070610, allows remote attackers to inject arbitrary web script or HTML via the id parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in comments.php in Maran PHP Blog Maran Blog, possibly only versions before 20070610, allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2007-3198
CVE-2007-3198 is an XSS vulnerability in Maran PHP Blog (comments.php) where the id parameter can be exploited to inject arbitrary script/HTML. Affected versions are possibly before 2007-06-10. The issue allows remote attackers to execute script in the context of the victim’s browser; impact per ...
CVE-2007-3198
Cross-site scripting XSS vulnerability in comments.php in Maran PHP Blog Maran Blog, possibly only versions before 20070610, allows remote attackers to inject arbitrary web script or HTML via the id parameter...