4 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in PHPX 3.5.9 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a url XCode tag in a posted message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-0933
Cross-site scripting XSS vulnerability in PHPX 3.5.9 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a url XCode tag in a posted message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-0933
CVE-2006-0933 concerns a Cross-site Scripting (XSS) vulnerability in PHPX 3.5.9. The issue allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a url XCode tag contained in a posted message. The available connected documents confirm the affected software version...
CVE-2005-3968
The affected software is PHPX (versions 3.5.9 and earlier). The vulnerability is an SQL injection in the auth flow via the username parameter (auth.inc.php), which can allow remote attackers to bypass authentication and potentially upload arbitrary PHP code. The issue is triggered by unsafely con...