2 matches found
CVE-2011-5301
PHPDug 2.0.0 is affected by multiple cross-site scripting (XSS) vulnerabilities. The CVE-2011-5301 entry describes that remote attackers can inject arbitrary script/HTML via (1) story_url in add_story.php, (2) email in editprofile.php, (3) title in adm/content_add.php, or (4) username in adm/admi...
CVE-2011-5302
PHPDug 2.0.0 is affected by CVE-2011-5302, a CSRF flaw in adm/admin_edit.php that can allow an attacker to hijack administrator sessions and modify credentials. Root cause is a Cross-site request forgery vulnerability in the admin_edit.php endpoint. Multiple sources document the affected componen...