5 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in 1 dspmain.php and 2 dsptaskeditor.php in SamTodo 1.1 allow remote attackers to inject arbitrary web script or HTML via the a tid parameter in a main.taskeditor edit action, and the b completed parameter in a main.default action, to index.php...
CVE-2008-2563
Multiple cross-site scripting XSS vulnerabilities in 1 dspmain.php and 2 dsptaskeditor.php in SamTodo 1.1 allow remote attackers to inject arbitrary web script or HTML via the a tid parameter in a main.taskeditor edit action, and the b completed parameter in a main.default action, to index.php...
CVE-2008-2563
CVE-2008-2563 involves multiple cross-site scripting (XSS) flaws in SamTodo 1.1, specifically in dsp_main.php and dsp_task_editor.php. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the tid parameter in a main.taskeditor edit action and the completed paramet...
SamTodo 1.1 - completed Cross-Site Scripting
SamTodo 1.1 - completed Cross-Site Scripting source: https://www.securityfocus.com/bid/29569/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...
SamTodo 1.1 - 'tid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/29568/info SamTodo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...