Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.
Home | Recent | Sitemap

CVE-2007-6545 (RunCMS)
BugsAlert Home > CVE-2007-6545 (RunCMS)
 
 

Multiple cross-site scripting (XSS) vulnerabilities in RunCMS before 1.6.1 allow remote attackers to inject arbitrary web script or HTML via (1) the subject parameter to modules/news/submit.php; (2) the PATH_INFO to modules/news/index.php, possibly related to the XoopsPageNav class; or (3) an avatar image to edituser.php.




Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6545

Learn more about CVE-2007-6545 (RunCMS)
 
Tags: cve-2007-6545 runcms

Related Items
      MS08-026 ? Critical: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207) - Version:1.0

      FrSIRT - SuSE Security Update Fixes Code Execution and Security Bypass Issues

      TROJ_AGENT.HMW

      Sarg User-Agent Processing Multiple Vulnerabilities

      Tmin - Test Case Optimizer for Automated Security Testing

      Bugtraq: [USN-653-1] D-Bus vulnerabilities

      CVE-2008-4232 (iphone_os, safari)

 
© 2007-2009 BugsAlert.com Original template by Arcsin Hosted By 1and1


Pixel