4 matches found
Alkacon OpenCMS 7.0.3 - logfileViewSettings.jsp filePath Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28152/info Alkacon OpenCms is prone to multiple input-validation vulnerabilities, including one cross-site scripting issue and a file-disclosure issue, because the application fails to properly sanitize user-supplied inpu...
CVE-2008-1753
Cross-site scripting XSS vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the searchfilter parameter, a different vector than CVE-2008-1510...
Alkacon OpenCMS 7.0.3 - 'logfileViewSettings.jsp?filePath.0' Arbitrary File Access
source: https://www.securityfocus.com/bid/28152/info Alkacon OpenCms is prone to multiple input-validation vulnerabilities, including one cross-site scripting issue and a file-disclosure issue, because the application fails to properly sanitize user-supplied input. Attackers can exploit these...
CVE-2008-1045
Alkacon OpenCMS 7.0.3 contains a Cross-site Scripting (XSS) vulnerability in the file tree navigation function (system/workplace/views/explorer/tree_files.jsp). The issue allows remote attackers to inject arbitrary web script or HTML via the resource parameter. No other concrete details (such as ...