admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-12-16 20:27:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2010/CVE-2010-3025.md
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

886 B
Raw Blame History

CVE-2010-3025

Description

Multiple cross-site scripting (XSS) vulnerabilities in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) excerpt parameter to application/modules/admin/controllers/posts.php, as reachable by admin/posts/edit; and the (2) content parameter to application/modules/admin/controllers/pages.php, as reachable by admin/posts/edit.

POC

Reference

Github

No PoCs found on GitHub currently.