6 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in weblog.pl in PerlBlog 1.09b and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name and 2 email parameters...
CVE-2006-0782
Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to create arbitrary files and possibly execute arbitrary code via unspecified attack vectors related to improper handling of 1 the reply parameter, possibly involving injection of 2 the name parameter and...
CVE-2006-0780
Multiple cross-site scripting XSS vulnerabilities in weblog.pl in PerlBlog 1.09b and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name and 2 email parameters...
CVE-2006-0780
This CVE affects PerlBlog's weblog.pl in version 1.09b and earlier, where the name and email parameters are not properly sanitized, enabling stored or reflected cross-site scripting (XSS) by remote attackers. The root cause is insufficient input validation/sanitization of user-supplied POST/GET f...
CVE-2006-0780
Multiple cross-site scripting XSS vulnerabilities in weblog.pl in PerlBlog 1.09b and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name and 2 email parameters...
CVE-2006-0782
Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to create arbitrary files and possibly execute arbitrary code via unspecified attack vectors related to improper handling of 1 the reply parameter, possibly involving injection of 2 the name parameter and...