CVE-2024-32342

A cross-site scripting XSS vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter...

CVE-2024-32342

A cross-site scripting XSS vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter...

CVE-2024-32342

A cross-site scripting XSS vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter...

CVE-2024-32342

A cross-site scripting XSS vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter...

CVE-2024-32342

Boid CMS v2.1.0 is affected by an XSS in the Create Page, exploitable via a crafted payload to the Permalink parameter. The vulnerability arises from improper handling of input in the Create Page flow, allowing attackers to execute arbitrary scripts/HTML in the context of users viewing the affect...

PT-2024-24521 · Boidcms · Boidcms

Name of the Vulnerable Software and Affected Versions: Boid CMS version 2.1.0 Description: A cross-site scripting XSS vulnerability in the Create Page of Boid CMS allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter. Recommendations...

CVE-2020-24861

GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page...

CVE-2020-24861

GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page...

Cross site scripting

GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page...

Directory traversal

Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the permalink parameter in core.php, accessed through index.php; and 2 the thispost parameter in comments.php...

CVE-2008-0559

Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the permalink parameter in core.php, accessed through index.php; and 2 the thispost parameter in comments.php...

CVE-2008-0559

CVE-2008-0559 affects Nilson’s Blogger 0.11. The vulnerability is a directory-traversal flaw that allows remote attackers to include and execute arbitrary local files via a .. in two parameters: (1) permalink in core.php (through index.php) and (2) thispost in comments.php. Root cause is improper...

CVE-2008-0559

Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the permalink parameter in core.php, accessed through index.php; and 2 the thispost parameter in comments.php...