10 matches found
EUVD-2011-5210
Malware in sbrugna...
CVE-2011-5309
Cross-site scripting XSS vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2011-5310
Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to read arbitrary files via a .. dot dot in the id parameter...
CVE-2011-5311
Cross-site request forgery CSRF vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to hijack the authentication of administrators for requests that modify pages via the datatext parameter...
CVE-2011-5309
Cross-site scripting XSS vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
Directory traversal
Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to read arbitrary files via a .. dot dot in the id parameter...
CVE-2011-5310
Wikipad 1.6.0 is affected by a directory traversal in pages.php that lets remote attackers read arbitrary files via a .. in the id parameter. The root cause is improper path handling in the PHP script, enabling access to filesystem locations outside the intended directory. Publicly provided refer...
CVE-2011-5311
Cross-site request forgery CSRF vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to hijack the authentication of administrators for requests that modify pages via the datatext parameter...
Wikipad 1.6.0 - Cross-Site Scripting / HTML Injection / Information Disclosure
source: https://www.securityfocus.com/bid/46383/info Wikipad is prone to a cross-site scripting vulnerability, an HTML-injection vulnerability, and an information-disclosure vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting use...