Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2009-4209
Disclosure Date: December 04, 2009 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) file parameters in an editsite action, different vectors than CVE-2008-6127 and CVE-2009-1367.
0
Attacker Value
Unknown
CVE-2008-6127
Disclosure Date: February 13, 2009 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) page and (2) query parameters to (a) index.php, (3) cat and (4) file parameters to (b) download.php, (5) gal parameter to gallery.php, and the (6) URL to admin/login.php.
0
