CVE-2006-5036

CVE-2006-5036 affects MySource Matrix 3.8 and earlier and MySource 2.x. The issue stems from the parameter sq_remote_page_url , which can be abused to make the application act as an HTTP proxy, enabling access to arbitrary sites using the server IP and enabling cross‑site scripting (XSS). Impact ...

CVE-2006-5037

CVE-2006-5037 affects MySource Matrix versions after 3.8. The issue allows remote attackers to use the application as an HTTP proxy via a MIME-encoded URL in the sq_content_src parameter, enabling access to arbitrary sites using the server’s IP and enabling cross-site scripting (XSS). The PT-2006...

CVE-2010-4901

The CVE-2010-4901 issue affects MySource Matrix 3.28.3 (Squiz) where the height (and width) parameter passed to char_map.php is not properly sanitized, enabling remote XSS. Public details describe a remote reflected XSS via these parameters, with vulnerable version 3.28.3 and vendor remediation s...