5 matches found
CVE-2012-4022
CVE-2012-4022 affects Pebble prior to 2.6.4. A specially crafted comment can cause arbitrary blog entries to become unviewable due to an issue in comment processing. The impact is loss of blog-entry viewability, with no explicit exploitation details provided in the documents. Remediation recommen...
CVE-2009-0736
Pebble prior to 2.3.2 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The condition is a flaw in Pebble’s handling of user-supplied input that leads to script execution in the victim’s browser. ...
CVE-2006-5168
CVE-2006-5168 affects Simon Brown Pebble 2.0.0 RC1 and RC2, specifically the search functionality. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML through the query string. The provided documents do not include exploitatio...
CVE-2012-4023
Pebble (open source weblog system) is vulnerable to a CRLF/HTTP header injection in versions prior to 2.6.4. The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors, potentially forging content displayed to the user, executing...
CVE-2012-5170
Pebble (open-source weblog system) is vulnerable to an open redirect in versions prior to 2.6.4. The flaw allows remote attackers to redirect users to arbitrary external websites, enabling phishing attacks via unspecified vectors. Affected product: Pebble; affected versions: before 2.6.4. Root ca...