2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in QwikiWiki 1.5 allow remote attackers to inject arbitrary web script or HTML via the 1 from and 2 help parameters to a index.php; 3 action, 4 page, 5 debug, 6 help, 7 username, or 8 password parameters to b login.php; the 7 help parameter to c...
CVE-2006-1196
CVE-2006-1196: Affects QwikiWiki 1.5 with multiple XSS vulnerabilities allowing remote injection of scripts via parameters to index.php, login.php, pageindex.php, and recentchanges.php (from, help, action, page, debug, username, password, etc.). Underlying cause is reflected/scriptable input in t...