69 matches found
CVE-2010-2479
Cross-site scripting XSS vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Debian DSA-2067-1 : mahara - several vulnerabilities
Several vulnerabilities were discovered in mahara, an electronic portfolio, weblog, and resume builder. The following Common Vulnerabilities and Exposures project ids identify them : - CVE-2010-1667 Multiple pages performed insufficient input sanitising, making them vulnerable to cross-site...
XSS vulnerability exploitable on Internet Explorer
More info at http://htmlpurifier.org/news/2010/0531-4.1.1-released...
codeigniter-multi.txt
CodeIgniter is a powerful PHP framework with a very small footprint, built for PHP coders who need a simple and elegant toolkit to create full-featured web applications. http://www.codeigniter.com 1. sanitizeglobals global variables unsetting By setting e.g. "SERVER=anonymous" cookie in the...
CodeIgniter 1.5.3 vulnerabilities
CodeIgniter is a powerful PHP framework with a very small footprint, built for PHP coders who need a simple and elegant toolkit to create full-featured web applications. http://www.codeigniter.com 1. sanitizeglobals global variables unsetting By setting e.g. "SERVER=anonymous" cookie in the...
CVE-2007-3498
Cross-site scripting XSS vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "unescaped printr output."...
Cross site scripting
Cross-site scripting XSS vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "unescaped printr output."...
CVE-2007-3498
Cross-site scripting XSS vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "unescaped printr output."...
CVE-2007-3498
The CVE concerns HTML Purifier prior to 2.0.1, specifically a cross-site scripting (XSS) issue in smoketests/configForm.php. The root cause is an unescaped print_r output, enabling remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected software is the HTML Purif...