Lucene search
+L

6 matches found

NVD
NVD
added 2008/03/20 10:44 a.m.16 views

CVE-2008-1413

Cross-site scripting XSS vulnerability in search.php in SNewsCMS Rus 2.1 through 2.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter...

4.3CVSS5.7AI score0.01458EPSS
Exploits1References4
CVE
CVE
added 2008/03/20 10:0 a.m.39 views

CVE-2008-1413

The vulnerability CVE-2008-1413 affects SNewsCMS Rus versions 2.1 through 2.4, where the XSS flaw resides in the search.php parameter handling. The root cause is a cross-site scripting flaw that allows remote attackers to inject arbitrary web script or HTML via the query parameter, potentially en...

4.3CVSS5.7AI score0.01458EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2008/03/17 12:0 a.m.51 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Snewscms Rus 2.3: crossite scripting...

7.5CVSS1.6AI score0.01954EPSS
Exploits2References7Affected Software6
Packet Storm
Packet Storm
added 2008/03/17 12:0 a.m.18 views

snewscmsrus-xss.txt

New Advisory: Snewscms Rus v2 http://www.medprostuda.ru --------------------Summary---------------- Software: SnewsCMS Rus v. 2.3 Sowtware's Web Site: http://www.snewscms.net.ru Versions: 2.4 Critical Level: Moderate Type: XSS Class: Remote Status: Unpatched PoC/Exploit: Not Available Solution: N...

7.4AI score
Exploits0
Prion
Prion
added 2007/10/09 6:17 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in newspage.php in SnewsCMS Rus 2.1 allows remote attackers to inject arbitrary web script or HTML via the pageid parameter...

4.3CVSS6.1AI score0.01033EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2007/10/09 6:0 p.m.49 views

CVE-2007-5303

CVE-2007-5303 is an XSS vulnerability affecting SnewsCMS Rus 2.1, specifically in news_page.php where the page_id parameter can be leveraged to inject arbitrary web scripts or HTML. The NVD entry documents a failed/open-based impact: confidentiality=NONE, integrity=PARTIAL, availability=NONE, wit...

4.3CVSS5.7AI score0.01033EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder