Lucene search
+L

69 matches found

Cvelist
Cvelist
added 2010/07/06 5:0 p.m.27 views

CVE-2010-2479

Cross-site scripting XSS vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4AI score0.02008EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2010/07/05 12:0 a.m.19 views

Debian DSA-2067-1 : mahara - several vulnerabilities

Several vulnerabilities were discovered in mahara, an electronic portfolio, weblog, and resume builder. The following Common Vulnerabilities and Exposures project ids identify them : - CVE-2010-1667 Multiple pages performed insufficient input sanitising, making them vulnerable to cross-site...

7.5CVSS5AI score0.02008EPSS
Exploits0References9
Friends Of PHP
Friends Of PHP
added 2010/06/01 12:0 a.m.19 views

XSS vulnerability exploitable on Internet Explorer

More info at http://htmlpurifier.org/news/2010/0531-4.1.1-released...

4.3CVSS6.4AI score0.02008EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2007/07/10 12:0 a.m.32 views

codeigniter-multi.txt

CodeIgniter is a powerful PHP framework with a very small footprint, built for PHP coders who need a simple and elegant toolkit to create full-featured web applications. http://www.codeigniter.com 1. sanitizeglobals global variables unsetting By setting e.g. "SERVER=anonymous" cookie in the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/07/10 12:0 a.m.55 views

CodeIgniter 1.5.3 vulnerabilities

CodeIgniter is a powerful PHP framework with a very small footprint, built for PHP coders who need a simple and elegant toolkit to create full-featured web applications. http://www.codeigniter.com 1. sanitizeglobals global variables unsetting By setting e.g. "SERVER=anonymous" cookie in the...

1.4AI score
Exploits0
NVD
NVD
added 2007/06/29 6:30 p.m.15 views

CVE-2007-3498

Cross-site scripting XSS vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "unescaped printr output."...

4.3CVSS5.6AI score0.01033EPSS
Exploits0References4
Prion
Prion
added 2007/06/29 6:30 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "unescaped printr output."...

4.3CVSS6.1AI score0.01033EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/06/29 6:0 p.m.23 views

CVE-2007-3498

Cross-site scripting XSS vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "unescaped printr output."...

5.6AI score0.01033EPSS
Exploits0References4
CVE
CVE
added 2007/06/29 6:0 p.m.48 views

CVE-2007-3498

The CVE concerns HTML Purifier prior to 2.0.1, specifically a cross-site scripting (XSS) issue in smoketests/configForm.php. The root cause is an unescaped print_r output, enabling remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected software is the HTML Purif...

4.3CVSS5.7AI score0.01033EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder