21 matches found
EUVD-2013-7292
Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being stored and returned to users. Attackers can inject malicious JavaScript code through parameters like 'title', 'name', 'email',...
CVE-2013-20006
Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being stored and returned to users. Attackers can inject malicious JavaScript code through parameters like 'title', 'name', 'email',...
PT-2026-25714
Qool CMS 2.0 RC2 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious web pages. Attackers can forge POST requests to the /admin/adduser endpoint with parameters like username, password,...
Qool CMS 跨站脚本漏洞
Qool CMS is a content management system developed by basdog22. Qool CMS has a cross-site scripting vulnerability, which stems from improper cleaning of POST parameters in multiple management scripts. This vulnerability could allow attackers to inject malicious JavaScript code to execute arbitrary...
Qool CMS 跨站脚本漏洞
Qool CMS is a content management system developed by basdog22. The Qool CMS 2.0 RC2 version has a cross-site scripting vulnerability. This vulnerability stems from cross-site request forgery, which may allow attackers to trick users into accessing malicious web pages and executing management...
CVE-2013-20006 Qool CMS Multiple Persistent Cross-Site Scripting Vulnerabilities
Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being stored and returned to users. Attackers can inject malicious JavaScript code through parameters like 'title', 'name', 'email',...
CVE-2013-20006 Qool CMS Multiple Persistent Cross-Site Scripting Vulnerabilities
Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being stored and returned to users. Attackers can inject malicious JavaScript code through parameters like 'title', 'name', 'email',...
CVE-2013-20006
Qool CMS (notably version 2.0 RC2 per ZSL report) contains multiple persistent cross-site scripting vulnerabilities in administrative scripts. POST parameters such as title, name, email, username, link, and task are not properly sanitized before storage and return, allowing injected JavaScript to...
CVE-2013-20006
Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being stored and returned to users. Attackers can inject malicious JavaScript code through parameters like 'title', 'name', 'email',...
CVE-2013-20005
CVE-2013-20005 (Qool CMS 2.0 RC2) is a cross-site request forgery allowing an attacker to forge POST requests to /admin/adduser and create root-level user accounts without user consent. Affected software is Qool CMS 2.0 RC2; the root cause is insufficient CSRF protections on admin actions. The im...
CVE-2013-20005 Qool CMS 2.0 RC2 Cross-Site Request Forgery via adduser
Qool CMS 2.0 RC2 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious web pages. Attackers can forge POST requests to the /admin/adduser endpoint with parameters like username, password,...
CVE-2013-20005
Qool CMS 2.0 RC2 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious web pages. Attackers can forge POST requests to the /admin/adduser endpoint with parameters like username, password,...
PT-2026-25715
Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being stored and returned to users. Attackers can inject malicious JavaScript code through parameters like 'title', 'name', 'email',...
Qool CMS 2.0 RC2 - Multiple Vulnerabilities
No description provided by source. ?!-- Qool CMS v2.0 RC2 XSRF Add Root Exploit Vendor: Qool CMS Product web page: http://www.qool.gr Affected version: 2.0 RC2 Codename: Sommige Summary: Qool CMS is a content management system that helps web masters be more productive. Qool has been built with bo...
Qool CMS 2.0 RC2 Cross Site Request Forgery
Qool CMS v2.0 RC2 XSRF Add Root Exploit input type="hidden" name="...
Qool CMS v2.0 RC2 - Multiple Vulnerabilities
Exploit for php platform in category web applications Qool CMS v2.0 RC2 XSRF Add Root Exploit input type="hidden" name="email" value="email pro...
Qool CMS 2.0 RC2 Cross Site Scripting
Qool CMS v2.0 RC2 Multiple HTML And JavaScript Injection Vulnerabilities input type="hidden" name="lib" value="default"...
Qool CMS 2.0 RC2 - Multiple Vulnerabilities
Qool CMS v2.0 RC2 XSRF Add Root Exploit input...
Qool CMS 2.0 RC2 - Multiple Vulnerabilities
Qool CMS 2.0 RC2 - Multiple Vulnerabilities Qool CMS v2.0 RC2 XSRF Add Root Exploit input type="hi...
Qool CMS v2.0 RC2 XSRF Add Root Exploit
Summary Qool CMS is a content management system that helps web masters be more productive. Qool has been built with both worlds web master, web developer in mind. It is easy to create addons extensions for the system but you can really do without them too. Description Qool CMS allows users to...