CVE-2005-4481

Cross-site scripting XSS vulnerability in Polopoly 9 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. NOTE: the vendor has disputed this vulnerability, stating that the "XSS flaw was only part of the custom implementation of the polopol...

CVE-2005-4481

Cross-site scripting XSS vulnerability in Polopoly 9 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. NOTE: the vendor has disputed this vulnerability, stating that the "XSS flaw was only part of the custom implementation of the polopol...

CVE-2005-4481

Polopoly 9 and earlier are affected by an XSS vulnerability described as allowing remote attackers to inject arbitrary web script or HTML via unspecified search parameters. The vendor disputes the issue, stating the XSS flaw was part of a custom site implementation. Public records do not provide ...

PT-2005-5164 · Atex · Polopoly

Name of the Vulnerable Software and Affected Versions: Polopoly versions 9 and earlier Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. The vendor has disputed this issue, stating it was part of a custo...

Polopoly XSS vuln.

Polopoly XSS vuln. Vuln. discovered by : r0t Date: 21 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/polopoly-xss-vuln.html vendor:http://www.polopoly.com/ affected version:9 and prior Product Description: Polopoly is 100 Java since 1996 and embraces standards and open architectur...