6 matches found
CVE-2003-1242
Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message...
CVE-2003-1243
Cross-site scripting vulnerability XSS in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter...
CVE-2003-1242
Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message...
CVE-2003-1243
Sage 1.0 b3 is affected by a Cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary HTML or web script via the mod parameter. The issue is described without explicit exploit details or patched versions in the provided material; the CVSS indicates low-medium impa...
CVE-2003-1242
Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message...
Sage 1.0 Beta 3 - Content Management System Cross-Site Scripting
source: https://www.securityfocus.com/bid/6894/info Sage is prone to a cross site scripting vulnerability. This issue is due to insufficient sanitization of input submitted in URI parameters. As a result, an attacker may create a malicious link to a site hosting Sage, which contains malicious HTM...