15 matches found
EUVD-2010-2355
Malware in sbrugna...
EUVD-2010-2354
Malware in sbrugna...
odCMS Cookies handling vulnerabilities
Exploit for php platform in category web applications ====================================== odCMS Cookies handling vulnerabilities ====================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/...
odCMS 1.07 Cross Site Scripting
------------------------------------------------------------------------ Software................odCMS 1.07 Vulnerability...........Reflected XSS Download................http://odcms.org/index.php?Page=Download Release Date............7/5/2010 Tested On...............Windows Vista + XAMPP...
odCMS 1.07 - archive.php Cross-Site Scripting
odCMS 1.07 - archive.php Cross-Site Scripting source: https://www.securityfocus.com/bid/41422/info odCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser ...
odCMS 1.07 - 'archive.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/41422/info odCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
CVE-2010-2345
Cross-site request forgery CSRF vulnerability in odCMS 1.06, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password, and other unspecified requests...
CVE-2010-2344
Multiple cross-site scripting XSS vulnerabilities in odCMS 1.06, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Page parameter to 1 main/index.php, 2 members/index.php, 3 forum/index.php, 4 docs/index.php, and 5 announcements/index.php...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in odCMS 1.06, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password, and other unspecified requests...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in odCMS 1.06, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Page parameter to 1 main/index.php, 2 members/index.php, 3 forum/index.php, 4 docs/index.php, and 5 announcements/index.php...
CVE-2010-2345
The CVE-2010-2345 entry concerns odCMS 1.06 (potentially earlier) and describes a Cross-Site Request Forgery (CSRF) that can hijack an administrator’s session to perform actions such as changing the administrative password and other unspecified requests. The linked sources in the CVE describe the...
CVE-2010-2344
CVE-2010-2344 describes multiple cross-site scripting (XSS) vulnerabilities in odCMS 1.06 (and possibly earlier). The issues allow remote attackers to inject arbitrary web script or HTML via the Page parameter to the following pages: _main/index.php, _members/index.php, _forum/index.php, _docs/in...
CVE-2010-2344
Multiple cross-site scripting XSS vulnerabilities in odCMS 1.06, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Page parameter to 1 main/index.php, 2 members/index.php, 3 forum/index.php, 4 docs/index.php, and 5 announcements/index.php...
CVE-2010-2345
Cross-site request forgery CSRF vulnerability in odCMS 1.06, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password, and other unspecified requests...
Cross-site Scripting (XSS) Vulnerabilities in odCMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in odCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in odCMS 1.1 The vulnerability exists due to input sanitation error in the "content" parameter in...