EUVD-2008-2558

Malware in sbrugna...

SamTodo 1.1 - 'tid' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29568/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

SamTodo 1.1 - 'completed' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29569/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in 1 dspmain.php and 2 dsptaskeditor.php in SamTodo 1.1 allow remote attackers to inject arbitrary web script or HTML via the a tid parameter in a main.taskeditor edit action, and the b completed parameter in a main.default action, to index.php...

CVE-2008-2563

Multiple cross-site scripting XSS vulnerabilities in 1 dspmain.php and 2 dsptaskeditor.php in SamTodo 1.1 allow remote attackers to inject arbitrary web script or HTML via the a tid parameter in a main.taskeditor edit action, and the b completed parameter in a main.default action, to index.php...

CVE-2008-2563

Multiple cross-site scripting XSS vulnerabilities in 1 dspmain.php and 2 dsptaskeditor.php in SamTodo 1.1 allow remote attackers to inject arbitrary web script or HTML via the a tid parameter in a main.taskeditor edit action, and the b completed parameter in a main.default action, to index.php...

CVE-2008-2563

CVE-2008-2563 involves multiple cross-site scripting (XSS) flaws in SamTodo 1.1, specifically in dsp_main.php and dsp_task_editor.php. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the tid parameter in a main.taskeditor edit action and the completed paramet...

SamTodo 1.1 - tid Cross-Site Scripting

SamTodo 1.1 - tid Cross-Site Scripting source: https://www.securityfocus.com/bid/29568/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

SamTodo 1.1 - completed Cross-Site Scripting

SamTodo 1.1 - completed Cross-Site Scripting source: https://www.securityfocus.com/bid/29569/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...

samtodo-xss.txt

Original advisory: http://www.davidsopas.com/soapbox/samtodo.txt XSS in SamTodo v1.1 http://samjlevy.com/samtodo by David Sopas Ferreira Found and reported at : 22-05-2008PT Full disclosure at : 05-06-2008PT ?!--------------------------------------------------------- Flaws -----!? XSS attacks on...

SamTodo 1.1 - 'completed' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29569/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...

SamTodo 1.1 - 'tid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29568/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...