EUVD-2010-4604

Malware in sbrugna...

CVE-2010-4901

Multiple cross-site scripting XSS vulnerabilities in charmap.php in MySource Matrix 3.28.3 allow remote attackers to inject arbitrary web script or HTML via the 1 height or 2 width parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in charmap.php in MySource Matrix 3.28.3 allow remote attackers to inject arbitrary web script or HTML via the 1 height or 2 width parameter...

CVE-2010-4901

The CVE-2010-4901 issue affects MySource Matrix 3.28.3 (Squiz) where the height (and width) parameter passed to char_map.php is not properly sanitized, enabling remote XSS. Public details describe a remote reflected XSS via these parameters, with vulnerable version 3.28.3 and vendor remediation s...

CVE-2010-4901

Multiple cross-site scripting XSS vulnerabilities in charmap.php in MySource Matrix 3.28.3 allow remote attackers to inject arbitrary web script or HTML via the 1 height or 2 width parameter...

CVE-2010-4639

SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter...

Sql injection

SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2010-4639

CVE-2010-4639 corresponds to a SQL injection vulnerability in the MySource Matrix product, specifically in index.php where the id parameter can be manipulated to execute arbitrary SQL commands remotely. The entry has a CVSS v2 base score of 7.5 (HIGH) with network attack vector, low complexity, a...

CVE-2010-4639

SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbitrary SQL commands via the id parameter...

MySource Matrix CMS SQL Injection Vulnerability

Exploit for php platform in category web applications =============================================== MySource Matrix CMS SQL Injection Vulnerability =============================================== + Exploit Title: MySource Matrix SQL Injection Vulnerability + Date: 2010-11-02 + Author : Cru3l.b0...

MySource Matrix 3.28.3 (height) Remote Reflected XSS Vulnerability

Summary MySource Matrix is a powerful Open Source Content Management System CMS written in PHP and is suitable for many types of organisations. Description Input passed via the "height" parameter to charmap.php is not properly sanitised before being returned to the user. This can be exploited to...

MySource Matrix - char_map.php Multiple Cross-Site Scripting Vulnerabilities

MySource Matrix - charmap.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/43020/info MySource Matrix is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issu...

MySource Matrix - 'char_map.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/43020/info MySource Matrix is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

CVE-2006-5037

MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sqcontentsrc parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting XSS attacks. NOTE: the researcher reports that "The vendor...

CVE-2006-5036

MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sqremotepageurl parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting XSS attacks. NOTE: the researcher reports that "The...

CVE-2006-5037

MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sqcontentsrc parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting XSS attacks. NOTE: the researcher reports that "The vendor...

CVE-2006-5037

CVE-2006-5037 affects MySource Matrix versions after 3.8. The issue allows remote attackers to use the application as an HTTP proxy via a MIME-encoded URL in the sq_content_src parameter, enabling access to arbitrary sites using the server’s IP and enabling cross-site scripting (XSS). The PT-2006...

mysource 2.14.82.16 - Multiple Vulnerabilities

mysource 2.14.82.16 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/20153/info MySource products are prone to multiple input-validation vulnerabilities. Exploiting these issues will allow an attacker to manipulate the application into becoming an HTTP proxy and to conduct...