SamenBlog Weblog Service Cross Site Request Forgery / Cross Site Scripting

Document Title: =============== SamenBlog Weblog Service - Cross Site Request Forgery / Cross Site Scripting References Source: ==================== http://ehsansec.ir/advisories/samenblog-xsrf-xss.txt Release Date: ============= 2016-02-20 Product & Service Introduction:...

CafeLog B2 0.6.1 Weblog and News Publishing Tool b2mail.php b2inc Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and the...

Movable Type Publishing Platform Cross Site Scripting

Trustwave's SpiderLabs Security Advisory TWSL2012-003: Cross-Site Scripting Vulnerability in Movable Type Publishing Platform https://www.trustwave.com/spiderlabs/advisories/TWSL2012-003.txt Published: 2012-02-24 Version: 1.0 Vendor: Six Apart http://movabletype.org/ Product: Movable Type Version...

DSA-2263-2 movabletype-opensource - several

Bulletin has no description...

CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2mail.php?b2inc' Remote File Inclusion

source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are...