173 matches found
Stored XSS vulnerability in Pixie
Vulnerability ID: HTB22469 Reference: http://www.htbridge.ch/advisory/storedxssvulnerabilityinpixie.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: Stored XSS Cross...
XSS vulnerability in Pixie
Vulnerability ID: HTB22468 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinpixie.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: XSS Cross Site Scripting...
XSRF (CSRF) in Pixie
Vulnerability ID: HTB22471 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinpixie1.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: CSRF Cross-Site Request Forgery...
Pixie 1.0.4 - HTML Injection Cross-Site Scripting
Pixie 1.0.4 - HTML Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/41727/info Pixie is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage the issues to execu...
Pixie 1.0.4 - HTML Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/41727/info Pixie is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage the issues to execute arbitrary script code in the browser of an...
Multiple Vulnerabilities in Pixie
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pixie which could be exploited to perform cross-site scripting, script insertions and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Pixie The vulnerability exists due to input...
CVE-2009-1065
SQL injection vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the x parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-1067
Cross-site scripting XSS vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to inject arbitrary web script or HTML via the x parameter...
CVE-2009-1066
SQL injection vulnerability in the referral function in admin/lib/liblogs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to inject arbitrary web script or HTML via the x parameter...
Sql injection
SQL injection vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the x parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Sql injection
SQL injection vulnerability in the referral function in admin/lib/liblogs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request...
CVE-2009-1065
SQL injection vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the x parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-1066
SQL injection vulnerability in the referral function in admin/lib/liblogs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request...
CVE-2009-1065
The CVE-2009-1065 entry concerns a SQL injection vulnerability in Pixie CMS 1.01a (index.php) that allows remote attackers to execute arbitrary SQL commands via the x parameter. Affected component: Pixie CMS 1.01a, vulnerability in index.php; root cause is improper handling of input leading to SQ...
CVE-2009-1066
Pixie CMS 1.01a is affected by CVE-2009-1066 due to an SQL injection in the referral function (admin/lib/lib_logs.php). The vulnerability can be triggered via the Referer HTTP header, enabling remote attackers to execute arbitrary SQL commands against the database. Multiple sources in the connect...
CVE-2009-1067
Cross-site scripting XSS vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to inject arbitrary web script or HTML via the x parameter...
CVE-2009-1067
CVE-2009-1067 is a cross-site scripting (XSS) vulnerability in Pixie CMS 1.01a, exploitable via the x parameter in index.php to inject arbitrary script/HTML. Affected software/component: Pixie CMS 1.01a (index.php). Root cause: unsafely reflected input through the x parameter leading to script ex...
PT-2009-3648 · Pixie · Pixie Cms
Name of the Vulnerable Software and Affected Versions: Pixie CMS version 1.01a Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the x parameter in the "index.php" file. Recommendations: For Pixie CMS versi...
PT-2009-3647 · Pixie · Pixie Cms
Name of the Vulnerable Software and Affected Versions: Pixie CMS version 1.01a Description: The issue allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request, specifically in the referral function in admin/lib/lib logs.php. Recommendations: For Pixie CMS...