28 matches found
CVE-2009-4852
Multiple cross-site scripting XSS vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from...
CVE-2008-6110
Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php...
EUVD-2011-2655
Malware in sbrugna...
EUVD-2009-0708
Malware in sbrugna...
EUVD-2008-6083
Malware in sbrugna...
EUVD-2008-6080
Malware in sbrugna...
EUVD-2009-4815
Malware in sbrugna...
CVE-2011-2672
Cross-site scripting XSS vulnerability in SemanticScuttle before 0.98 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in SemanticScuttle before 0.98 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-2672
The CVE-2011-2672 entry concerns SemanticScuttle, a social bookmarking tool, with a Cross-site Scripting (XSS) vulnerability affecting versions prior to 0.98. The root cause is an XSS flaw that allows remote attackers to cause arbitrary web-script or HTML execution in a user’s browser via unspeci...
CVE-2011-2672
Cross-site scripting XSS vulnerability in SemanticScuttle before 0.98 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
JVN#28973089: SemanticScuttle vulnerable to cross-site scripting
SemanticScuttle is a social bookmarking tool. SemanticScuttle contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer...
CVE-2009-4852
Multiple cross-site scripting XSS vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from...
CVE-2009-4852
CVE-2009-4852 (and related CVEs) describes multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle prior to 0.94.1. Public records consistently cite input vectors such as the sort parameter to index.php and other unspecified vectors, enabling remote attackers to inject arbitrary sc...
CVE-2009-4852
Multiple cross-site scripting XSS vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from...
CVE-2009-0708
Multiple cross-site request forgery CSRF vulnerabilities in SemanticScuttle before 0.91 allow remote attackers to 1 hijack the authentication of administrators via unknown vectors or 2 hijack the authentication of arbitrary users via vectors involving the profile page...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in SemanticScuttle before 0.91 allow remote attackers to 1 hijack the authentication of administrators via unknown vectors or 2 hijack the authentication of arbitrary users via vectors involving the profile page...
CVE-2009-0708
CVE-2009-0708 concerns CSRF vulnerabilities in SemanticScuttle before 0.91 that can allow remote attackers to hijack authentication of administrators via unknown vectors or hijack authentication of arbitrary users via vectors involving the profile page. The connected documents corroborate an CSRF...
CVE-2009-0708
Multiple cross-site request forgery CSRF vulnerabilities in SemanticScuttle before 0.91 allow remote attackers to 1 hijack the authentication of administrators via unknown vectors or 2 hijack the authentication of arbitrary users via vectors involving the profile page...