exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

TomatoCMS Eight Cross Site Scripting
Posted Jun 4, 2010
Site secunia.com

Secunia Research has discovered some vulnerabilities in TomatoCMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "keyword" and "article-id" parameters to index.php/admin/news/article/list, the "keyword" parameter to index.php/admin/multimedia/set/list, the "keyword" and "fileId" parameters to index.php/admin/multimedia/file/list, and the "name", "email", and "address" parameters to index.php/admin/ad/client/list is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in the users browser in context of the affected site.

tags | advisory, arbitrary, php, vulnerability, xss
advisories | CVE-2010-1515
MD5 | 524797fc62f7684a6f828b037fccfc6f
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
We Asked Def Con Attendees Why People Are Still Getting Hacked
Posted Aug 16, 2019

tags | headline, hacker, conference
Judge Orders Georgia To Switch To Paper Ballots For 2020 Elections
Posted Aug 16, 2019

tags | headline, government, usa, fraud
Huawei Africa Spying Claims Denied
Posted Aug 16, 2019

tags | headline, government, china, africa, spyware, facebook
Trump Admin Wants To Extend NSA Phone Surveillance Program
Posted Aug 16, 2019

tags | headline, government, privacy, usa, phone, spyware, nsa
Amazon's Rekognition Software Can Now Spot Fear
Posted Aug 15, 2019

tags | headline, amazon, science
Biostar Security Software Leaked A Million Fingerprints
Posted Aug 15, 2019

tags | headline, data loss, password
Trend Micro Fixes Privilege Escalation Flaw In Password Manager
Posted Aug 15, 2019

tags | headline, flaw, password, patch
700,000 Choice Hotels Records Leaked In Data Breach, Ransom Demanded
Posted Aug 15, 2019

tags | headline, privacy, database, data loss
Facebook Latest To Admit Their Contractors Snoop On Your Conversations
Posted Aug 14, 2019

tags | headline, privacy, facebook, social
Adobe Security Patch Update Covers Quite A Bit
Posted Aug 14, 2019

tags | headline, flaw, adobe, patch
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close