CVE-2003-1204 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php the directory parameter in (2) gallery.php (3) navigation.php or (4) uploadimage.php the path parameter in (5) view.php (6) the choice parameter in upload.php (7) the sitename parameter in mambosimple.php (8) the type parameter in upload.php or the id parameter in (9) emailarticle.php (10) emailfaq.php or (11) emailnews.php.
Reference
http://www.osvdb.org/7495 http://www.osvdb.org/7496 http://www.osvdb.org/7497 http://www.osvdb.org/7498 http://www.osvdb.org/7499 http://www.osvdb.org/7500 http://www.osvdb.org/7501 http://www.osvdb.org/7502 http://www.osvdb.org/7503 http://www.osvdb.org/7504 http://www.osvdb.org/7505 http://www.securityfocus.com/archive/1/306206 http://www.securityfocus.com/bid/6571 https://exchange.xforce.ibmcloud.com/vulnerabilities/11050
Share on: