154 matches found
XSS in Textpattern CMS
Vulnerability ID: HTB22672 Reference: http://www.htbridge.ch/advisory/xssintextpatterncms.html Product: Textpattern CMS Vendor: Team Textpattern http://textpattern.com/ Vulnerable Version: 4.2.0 Vendor Notification: 21 October 2010 Vulnerability Type: XSS Cross Site Scripting Status: Fixed by...
Script Insertion Vulnerability in Textpattern CMS
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Textpattern CMS which could be exploited to perform script insertion attacks. 1 Script insertion vulnerability in Textpattern CMS An input sanitation error exists in the comment field. A remote attacker can insert arbitrary...
Textpattern CMS 'txplib_db.php' XSS Vulnerability - Active Check
Textpattern CMS is prone to a cross-site scripting XSS vulnerability because it fails to sufficiently sanitize user-supplied data. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2010-3205
PHP remote file inclusion vulnerability in index.php in Textpattern CMS 4.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter...
CVE-2010-3205
PHP remote file inclusion vulnerability in index.php in Textpattern CMS 4.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter...
CVE-2010-3205
PHP remote file inclusion vulnerability in index.php in Textpattern CMS 4.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter...
CVE-2010-3205
CVE-2010-3205 affects Textpattern CMS 4.2.0. Affected component: index.php, with a PHP remote file inclusion vulnerability via the inc parameter, enabling execution of arbitrary PHP code by an attacker-controlled URL. Root cause: improper handling of the inc parameter leads to remote file inclusi...
textpattern CMS 4.2.0 - Remote File Inclusion
Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Textpattern index.php -------------------------------------------------------------- + Author : Sn!pEr.S!Te Hacker + Email : [email protected] + Inj3ct0r Team Hacker + 28-8-201...
textpattern CMS 4.2.0 - Remote File Inclusion
textpattern CMS 4.2.0 - Remote File Inclusion Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Textpattern index.php -------------------------------------------------------------- + Author : Sn!pEr.S!Te Hacker + Email :...
CVE-2008-5669
index.php in the comments preview section in Textpattern aka Txp CMS 4.0.5 allows remote attackers to cause a denial of service via a long message parameter...
Default credentials
Textpattern aka Txp CMS 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session...
CVE-2008-5669
index.php in the comments preview section in Textpattern aka Txp CMS 4.0.5 allows remote attackers to cause a denial of service via a long message parameter...
CVE-2008-5669
index.php in the comments preview section in Textpattern aka Txp CMS 4.0.5 allows remote attackers to cause a denial of service via a long message parameter...
DSECRG-08-008.txt
Digital Security Research Group DSecRG Advisory DSECRG-08-008 Application: Txp CMS Versions Affected: 4.0.5 Vendor URL: http://www.textpattern.com Bugs: DOS, multiple XSS, etc. Exploits: YES Reported: 11.01.2008 Vendor response: 14.01.2008 Patch Released: 03.02.2008 Date of Public Advisory:...