1 results (0.002 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 3

Multiple cross-site scripting (XSS) vulnerabilities in php ireport 1.0 allow remote attackers to inject arbitrary web script or HTML via the message parameter to (1) messages_viewer.php, (2) home.php, or (3) history.php. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en php ireport v1.0 permite a atacantes remotos inyectar inyectar secuencias de comandos web o HTML a través del parámetro mensaje para (1) messages_viewer.php, (2) home.php, o (3) history.php. • https://www.exploit-db.com/exploits/18402 http://www.exploit-db.com/exploits/18402 http://www.securityfocus.com/bid/51609 https://exchange.xforce.ibmcloud.com/vulnerabilities/72610 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •