Cross site scripting

Cross-site scripting XSS vulnerability in pmwiki.php in PmWiki 2.2.20 allows remote attackers to inject arbitrary web script or HTML via the from parameter to Main/WikiSandbox. NOTE: some of these details are obtained from third party information...

CVE-2010-4748

PmWiki 2.2.20 is affected by a Cross-site Scripting (XSS) vulnerability in pmwiki.php via the from parameter to Main/WikiSandbox. This allows remote attackers to inject arbitrary web script or HTML. The issue is confirmed across multiple sources (NVD/NVD mirror and OpenVAS advisories) and is cate...

CVE-2010-4748

Cross-site scripting XSS vulnerability in pmwiki.php in PmWiki 2.2.20 allows remote attackers to inject arbitrary web script or HTML via the from parameter to Main/WikiSandbox. NOTE: some of these details are obtained from third party information...

PmWiki 'from' Cross-Site Scripting Vulnerability

This host is running PmWiki and is prone to Cross Site Scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbpmwikifromxssvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ PmWiki 'from' Cross-Site Scripting Vulnerability Authors: Madhuri D Copyright: Copyright c 2010 Greenbone Networks GmbH,...

PmWiki < 2.2.21 XSS Vulnerability

PmWiki is prone to a cross-site scripting XSS vulnerability. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

PmWiki Cross Site Scripting

Hi you can xss pmwiki like this: http://dtcsupport.gplhost.com/Main/WikiSandbox?from=%22/%3E%3Cbody%20onload=alert%281%29%3E Also the above it seems to behave differently across versions of pmwiki. If it doesn't work ...html injection like this should:...

PmWiki Table Feature 'width' Parameter Cross-site scripting vulnerability

The host is running PmWiki and is prone to cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbpmwikixssvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ PmWiki Table Feature 'width' Parameter Cross-site scripting vulnerability Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone...

PmWiki Detection (HTTP)

HTTP based detection of PmWiki. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.801209";...

PmWiki < 2.2.16 XSS Vulnerability

PmWiki is prone to a cross-site scripting XSS vulnerability. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

CVE-2010-1481

Cross-site scripting XSS vulnerability in the table feature in PmWiki 2.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the width attribute...

Cross site scripting

Cross-site scripting XSS vulnerability in the table feature in PmWiki 2.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the width attribute...

PmWiki 2.2.15 width参数跨站脚本漏洞

BUGTRAQ ID: 39994 CVECAN ID: CVE-2010-1481 PmWiki是一种基于Wiki技术的开源多人协作站点创建和维护工具。 PmWiki在创建表格时没有正确地过滤通过width标记所传送的参数便显示给了用户，远程攻击者可以通过提交恶意参数请求注入任意HTML和脚本代码，但用户查看恶意数据时就会在浏览器会话中执行所注入的代码。 Patrick Michaud PmWiki 2.2.15 厂商补丁： Patrick Michaud --------------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

CVE-2010-1481

Cross-site scripting XSS vulnerability in the table feature in PmWiki 2.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the width attribute...

CVE-2010-1481

The CVE-2010-1481 entry concerns the PmWiki table feature vulnerability in PmWiki 2.2.15. The root cause is that the width parameter is not properly escaped, allowing XSS to be injected by remote authenticated users via the table width attribute. Affected software: PmWiki 2.2.15. Impact: cross-si...

pmwiki: persistent cross site scripting &#40;XSS&#41;, CVE-2010-1481

pmwiki: persistent cross site scripting XSS, CVE-2010-1481 References https://vulners.com/cve/CVE-2010-1481 http://int21.de/cve/CVE-2010-1481-pmwiki-xss.html Description The table feature of pmwiki is vulnerable to persistent cross site scripting XSS. The value of the width-parameter is not...

Pmwiki Cross Site Scripting

pmwiki: persistent cross site scripting XSS, CVE-2010-1481 References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1481 http://int21.de/cve/CVE-2010-1481-pmwiki-xss.html Description The table feature of pmwiki is vulnerable to persistent cross site scripting XSS. The value of the...

PmWiki表格标记脚本注入漏洞

PmWiki是一种基于Wiki技术的开源多人协作站点创建和维护工具。 PmWiki没有验证各种表格标记的输入，允许攻击者注入任意HTML和脚本代码。如果受害用户浏览了这些代码的话，就会导致在浏览器会话中执行。 Patrick Michaud PmWiki 2.1.17 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.pmichaud.com/wiki/PmWiki/Download...

PmWiki < 2.1.21 Global Variables Overwriting

The version of PmWiki installed on the remote host contains a programming flaw in 'pmwiki.php' that may allow an unauthenticated remote attacker to overwrite global variables used by the application, which could in turn be exploited to execute arbitrary PHP code on the affected host, subject to t...

PmWiki 2.1.19 - &#039;Zend_Hash_Del_Key_Or_Index&#039; Remote Command Execution

!/usr/bin/php -q -d shortopentag=on -------------------------------------------------------------------------------- '; die; errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; function quickdump$...

PmWiki <= 2.1.19 (Zend_Hash_Del_Key_Or_Index) Remote Exploit

Exploit for unknown platform in category web applications ============================================================ PmWiki -------------------------------...