3 matches found
ozjournals.txt
OZJournals 1.2 alert"lol";&vemail=mail%40mail.it&vlocation=test&vcomment=test ---------------------------------------------------------------------------------------------- Credit Author: Kiki Site: http://kiki91.altervista.org IRC Channel: irc.azzurra.org 6667 system...
CVE-2006-2390
The set of connected documents confirms a cross-site scripting (XSS) vulnerability in OZJournals 1.2, exploitable via the vname parameter in the comments functionality. The CVSSv2 base score is 5.8 (Medium), with network access required and no user interaction needed, and impact described as part...
OZJournals 1.2 - 'Vname' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17954/info OZJournals is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...