Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting

Exploit Title: Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting Exploit Author: Alperen Ergel Web Site: https://alperenae.gitbook.io/ Software Homepage: https://textpattern.com/ Version : 4.6.2 Tested on: windows 10 / xammp Category: WebApp Google Dork: intext:"Published with...

Textpattern CMS 4.6.2 Cross Site Scripting

Exploit Title: Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting Exploit Author: Alperen Ergel Web Site: https://alperenae.gitbook.io/ Software Homepage: https://textpattern.com/ Version : 4.6.2 Tested on: windows 10 / xammp Category: WebApp Google Dork: intext:"Published with...

CVE-2018-7474

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php...

Code injection

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php...

CVE-2018-7474

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php...

CVE-2018-7474

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php...

CVE-2018-7474

Summary (validated by multiple sources): Textpattern CMS 4.6.2 and earlier is vulnerable to SQL injection through the value of the qty parameter on the index.php page. The vulnerability is exploitable in contexts where an attacker with administrator-facing access can trigger the flaw, potentially...

Textpattern CMS 'index.php' XSS Vulnerability - Active Check

Textpattern CMS is prone to a cross-site scripting XSS vulnerability. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

CVE-2014-4737

Cross-site scripting XSS vulnerability in Textpattern CMS before 4.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to setup/index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in Textpattern CMS before 4.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to setup/index.php...

CVE-2014-4737

Cross-site scripting XSS vulnerability in Textpattern CMS before 4.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to setup/index.php...

CVE-2014-4737

Textpattern CMS (Textpattern) prior to version 4.5.7 is affected by a Cross-Site Scripting (XSS) vulnerability. The issue arises from insufficient sanitization of input data passed via the PATH_INFO to setup/index.php, enabling remote attackers to inject arbitrary HTML/JavaScript. The CVE is CVE-...

CVE-2014-4737

Cross-site scripting XSS vulnerability in Textpattern CMS before 4.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to setup/index.php...

textpattern cms 4.2.0 - Remote File Inclusion Vulnerability

No description provided by source...

Cross site scripting

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

CVE-2011-5019

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

CVE-2011-5019

Textpattern CMS 4.4.1 contains a cross-site scripting (XSS) vulnerability in setup/index.php when the product is incompletely installed. The issue allows an attacker to inject arbitrary script/HTML via the ddb parameter, as described in Trustwave advisory TWSL2012-001 and the CVE record for CVE-2...

Textpattern CMS 4.4.1 Cross Site Scripting

Trustwave's SpiderLabs Security Advisory TWSL2012-001: Cross-Site Scripting Vulnerability in Textpattern Content Management System Published: 1/03/12 Version: 1.0 Vendor: Textpattern http://textpattern.com/ Product: Textpattern Version affected: 4.4.1 before change set 3612 Product description:...

Textpattern CMS 'index.php' Remote File Inclusion Vulnerability

Textpattern CMS is prone to a remote file inclusion vulnerability. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Textpattern CMS 4.2.0 Cross Site Scripting

Vulnerability ID: HTB22672 Reference: http://www.htbridge.ch/advisory/xssintextpatterncms.html Product: Textpattern CMS Vendor: Team Textpattern http://textpattern.com/ Vulnerable Version: 4.2.0 Vendor Notification: 21 October 2010 Vulnerability Type: XSS Cross Site Scripting Status: Fixed by...