16 matches found
EUVD-2009-0859
Malware in sbrugna...
EUVD-2008-6018
Malware in sbrugna...
EUVD-2009-2372
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in the Html::textarea function in application/libraries/Html.php in TangoCMS 2.x before 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the value parameter, related to the Contact module...
CVE-2009-2376
CVE-2009-2376 affects TangoCMS 2.x prior to 2.3.0, where the Html::textarea function in application/libraries/Html.php is vulnerable to cross-site scripting via the value parameter (related to the Contact module). The issue can allow remote attackers to inject arbitrary web script or HTML. The NV...
CVE-2009-2376
Cross-site scripting XSS vulnerability in the Html::textarea function in application/libraries/Html.php in TangoCMS 2.x before 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the value parameter, related to the Contact module...
TangoCMS 'listeners.php' Cross Site Scripting Vulnerability
TangoCMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
TangoCMS 'listeners.php' Cross Site Scripting Vulnerability
TangoCMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to...
CVE-2009-0862
Cross-site scripting XSS vulnerability in the hookcntrlrerroroutput function in modules/page/hooks/listeners.php in the admincp component in TangoCMS 2.2.x aka Eagle before 2.2.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details ar...
Cross site scripting
Cross-site scripting XSS vulnerability in the hookcntrlrerroroutput function in modules/page/hooks/listeners.php in the admincp component in TangoCMS 2.2.x aka Eagle before 2.2.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details ar...
CVE-2009-0862
TangoCMS (admincp) is affected by a cross-site scripting (XSS) vulnerability in hook_cntrlr_error_output() inside modules/page/hooks/listeners.php, affecting TangoCMS 2.2.x prior to 2.2.4. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. OpenVAS re...
CVE-2009-0862
Cross-site scripting XSS vulnerability in the hookcntrlrerroroutput function in modules/page/hooks/listeners.php in the admincp component in TangoCMS 2.2.x aka Eagle before 2.2.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details ar...
CVE-2008-6048
Multiple cross-site request forgery CSRF vulnerabilities in TangoCMS before 2.2.0 allow remote attackers to hijack the authentication of administrators...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in TangoCMS before 2.2.0 allow remote attackers to hijack the authentication of administrators...
CVE-2008-6048
Multiple cross-site request forgery CSRF vulnerabilities in TangoCMS before 2.2.0 allow remote attackers to hijack the authentication of administrators...
CVE-2008-6048
CVE-2008-6048 affects TangoCMS prior to 2.2.0 and is a cross-site request forgery (CSRF) vulnerability. The issue allows an attacker to hijack the authentication of administrators by inducing them to perform unintended actions on the site. The primary affected component is TangoCMS’s administrati...