16 matches found
EUVD-2016-2275
Malware in sbrugna...
EUVD-2016-2276
Malware in sbrugna...
Recruit plugin cross-site scripting vulnerability
Recruit plugin for baserCMS is a job listing plugin for baserCMS. A cross-site scripting vulnerability exists in Recruit plugin for baserCMS versions prior to 0.9.3, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Recruit plugin cross-site request forgery vulnerability
Recruit plugin for baserCMS is a job listing plugin for baserCMS. A cross-site request forgery vulnerability exists in Recruit plugin for baserCMS versions prior to 0.9.3, which allows remote attackers to hijack administrars authentication...
CVE-2016-1172
Cross-site request forgery CSRF vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators...
CVE-2016-1172
Cross-site request forgery CSRF vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators...
CVE-2016-1171
Cross-site scripting XSS vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators...
Cross site scripting
Cross-site scripting XSS vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-1171
Cross-site scripting XSS vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-1172
Cross-site request forgery CSRF vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators...
CVE-2016-1172
CVE-2016-1172 is a CSRF vulnerability in the baserCMS Recruit plugin prior to version 0.9.3 that can hijack administrator sessions. Multiple sources (NVD, CNVD, PRION, CVE list) corroborate the affected plugin and vulnerability description. CVSS‑3.0 base score is 8.8 (High) with NETWORK attack ve...
CVE-2016-1171
The CVE-2016-1171 issue affects the baserCMS Recruit plugin, specifically versions prior to 0.9.3. A cross-site scripting (XSS) vulnerability exists that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. "Recruit" is described as a job-listing plugin for base...
baserCMS plugin "Recruit Plugin" vulnerable to cross-site request forgery
Overview baserCMS plugin "Recruit Plugin" contains a cross-site request forgery vulnerability. CWE-352 Takaesu Isao of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...
baserCMS plugin "Recruit Plugin" vulnerable to cross-site scripting
Overview baserCMS plugin "Recruit Plugin" contains a cross-site scripting vulnerability. CWE-79 Takaesu Isao of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...
JVN#13288761: baserCMS plugin "Recruit Plugin" multiple vulnerabilities
baserCMS plugin "Recruit Plugin" contains multiple vulnerabilities: Cross-site scripting CWE-79 - CVE-2016-1169 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:L/Au:S/C:N/I:P/A:N| Base Score: 4.0 Cross-site request forgery...