CVE-2007-6126 (Project Alumni) |
|
| BugsAlert Home > CVE-2007-6126 (Project Alumni) | |
|
Multiple cross-site scripting (XSS) vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the year parameter to (1) xml/index.php; or (2) the year parameter to view.page.inc.php, which is reachable through a view action to the top-level index.php. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6126 Learn more about CVE-2007-6126 (Project Alumni) |
|
| Tags: cve-2007-6126 project alumni | |
Related Items |
|
|
xine-lib Multiple Vulnerabilities
|
|
|
Vuln: Mozilla Firefox CSSValue Array Data Structure Remote Code Execution Vulnerability
|
|
|
CVE-2008-4779 (tguzip)
|
|
|
Mandriva: Subject: [Security Announce] [ MDVSA-2008:184 ] libtiff
|
|
|
Ablespace 1.0 'cat_id' Parameter SQL Injection Vulnerability
|
|
|
CVE-2007-6437 (syslog-ng Open Source Edition, syslog-ng Premium Edition)
|
|
|
Mandriva: Subject: [Security Announce] [ MDVSA-2008:210-1 ] mono
|
|
