Textpattern CMS 4.8.4 Cross Site Scripting

Exploit Title: Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.8.4 Tested on: Windows Steps-To-Reproduce: 1. Login into...

Textpattern CMS 4.9.0-dev Cross Site Scripting

Exploit Title: Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.9.0-dev Tested on: Windows Steps-To-Reproduce: 1. Login into...

Textpattern CMS 4.8.3 Remote Code Execution

Exploit Title: Textpattern 4.8.3 - Remote code execution Authenticated 2 Date: 03/03/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/start Version: Previous to 4.8.3 Tested on: CentOS, textpattern 4.5.7 and 4.6.0...

Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting (XSS)

Exploit Title: Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.8.4 Tested on: Windows Steps-To-Reproduce: 1. Login into...

Textpattern 4.8.3 - Remote code execution (Authenticated) (2)

Exploit Title: Textpattern 4.8.3 - Remote code execution Authenticated 2 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/start Version: Previous to 4.8.3 Tested on: CentOS, textpattern 4.5.7 and 4.6.0 Install dependencie...

Textpattern CMS 4.9.0-dev - (Excerpt) Persistent Cross-Site Scripting Vulnerability

Exploit Title: Textpattern CMS 4.9.0-dev - 'Excerpt' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.9.0-dev Tested on: Windows Steps-To-Reproduce: 1. Login into...

CVE-2020-35854

Textpattern 4.8.4 is affected by cross-site scripting XSS in the Body parameter...

CVE-2020-35854

Textpattern 4.8.4 is affected by cross-site scripting XSS in the Body parameter...

Cross site scripting

Textpattern 4.8.4 is affected by cross-site scripting XSS in the Body parameter...

Textpattern 跨站脚本漏洞

Textpattern is a free open source content management system based on PHP and MySQL. A cross-site scripting vulnerability exists in the Body parameter in Textpattern 4.8.4. No detailed vulnerability details are provided at this time...

Textpattern Cross-Site Scripting Vulnerability

Textpattern is a free open source content management system based on PHP and MySQL. A cross-site scripting vulnerability exists in the Body parameter in Textpattern 4.8.4. No detailed vulnerability details are provided at this time...

CVE-2020-35854

Textpattern 4.8.4 (Textpattern CMS, PHP/MySQL) is affected by cross-site scripting (XSS) in the Body parameter. The connected data identifies the vulnerable component as the Body parameter handling but does not provide a root cause description beyond noting an XSS issue, nor any explicit exploita...

CVE-2020-35854

Textpattern 4.8.4 is affected by cross-site scripting XSS in the Body parameter...

Textpattern CMS Cross-Site Request Forgery Vulnerability (CNVD-2020-68862)

Textpattern CMS is a free open source content management system based on PHP and MySQL. A cross-site request forgery vulnerability exists in Textpattern CMS 4.6.2. An attacker can exploit this vulnerability to conduct cross-site request forgery attacks via the prefs subsystem...

CVE-2020-29458

Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem...

CVE-2020-29458

Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem...

Cross site request forgery (csrf)

Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem...

CVE-2020-29458

CVE-2020-29458 affects Textpattern CMS, specifically version 4.6.2, with a cross-site request forgery (CSRF) vulnerability in the prefs subsystem. The available connected sources confirm the affected product and that the root cause is CSRF via the prefs subsystem, with no detailed exploit vectors...

CVE-2020-29458

Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem...

Textpattern Cms 跨站请求伪造漏洞

Textpattern CMS is a free open source content management system based on PHP and MySQL. A cross-site request forgery vulnerability exists in Textpattern CMS 4.6.2. An attacker can exploit this vulnerability to conduct cross-site request forgery attacks via the prefs subsystem...