8 matches found
EUVD-2008-3469
Malware in sbrugna...
ScrewTurn Software ScrewTurn Wiki 2.0.x 'System Log' Page HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30429/info ScrewTurn Wiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...
CVE-2008-3483
Cross-site scripting XSS vulnerability in ScrewTurn Wiki 2.0.29 and 2.0.30 allows remote attackers to inject arbitrary web script or HTML via error messages in the "/admin.aspx - System Log" page...
Cross site scripting
Cross-site scripting XSS vulnerability in ScrewTurn Wiki 2.0.29 and 2.0.30 allows remote attackers to inject arbitrary web script or HTML via error messages in the "/admin.aspx - System Log" page...
CVE-2008-3483
CVE-2008-3483 : In ScrewTurn Wiki, vulnerable versions are 2.0.29 and 2.0.30. The issue is a cross-site scripting (XSS) vulnerability exposed via error messages on the "/admin.aspx - System Log" page, allowing remote attackers to inject arbitrary script/HTML. Root cause details are not fully disc...
ScrewTurn-Wiki_08_008.txt
Portcullis Security Advisory 08008 Vulnerable System: ScrewTurn Wiki www.screwturn.eu. Vulnerability Title: Permanent Cross-site Scripting in the "System Log" page. Vulnerability Discovery And Development: Portcullis Security Testing Services. Credit For Discovery: Ferruh Mavituna - Portcullis...
ScrewTurn Software ScrewTurn Wiki 2.0.x - System Log Page HTML Injection
ScrewTurn Software ScrewTurn Wiki 2.0.x - System Log Page HTML Injection source: https://www.securityfocus.com/bid/30429/info ScrewTurn Wiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated...
ScrewTurn Software ScrewTurn Wiki 2.0.x - 'System Log' Page HTML Injection
source: https://www.securityfocus.com/bid/30429/info ScrewTurn Wiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context ...