EUVD-2008-1483

Malware in sbrugna...

webSPELL 4.1.2 - 'index.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28294/info webSPELL is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

CVE-2008-1481

Cross-site scripting XSS vulnerability in index.php in webSPELL 4.1.2 allows remote attackers to inject arbitrary web script or HTML via the board parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

webSPELL 4.1.2 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28294/info webSPELL is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

CVE-2007-6309

The CVE-2007-6309 entry describes multiple cross-site scripting (XSS) vulnerabilities in webSPELL 4.1.2, specifically in index.php. The issues allow remote attackers to inject arbitrary script/HTML via parameters in two actions: (1) galleryID in a usergallery upload action, and (2) upID, tag, mon...