Showing 1 - 1 of 1

CVE-2007-6526

Status Candidate

Overview

Cross-site scripting (XSS) vulnerability in tiki-special_chars.php in TikiWiki before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via the area_name parameter.

Related Files

Gentoo Linux Security Advisory 200801-10: Posted Jan 24, 2008; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200801-10 - Jesus Olmos Gonzalez from isecauditors reported insufficient sanitization of the movies parameter in file tiki-listmovies.php. Mesut Timur from H-Labs discovered that the input passed to the "area_name" parameter in file tiki-special_chars.php is not properly sanitised before being returned to the user. redflo reported multiple unspecified vulnerabilities in files tiki-edit_css.php, tiki-list_games.php, and tiki-g-admin_shared_source.php. Versions less than 1.9.9 are affected.; tags | advisory, php, vulnerability; systems | linux, gentoo; advisories | CVE-2007-6526, CVE-2007-6528, CVE-2007-6529; SHA-256 | 651e1e41f4d9e09219c2a40f47e60b2c82e9082ee3055d3805702f973677544a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 64 files
Debian 22 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,175)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,140)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,480)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,022)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2007-6526

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems