CVE-2009-1367 Information

Description

Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.11 allows remote attackers to inject arbitrary web script or HTML via the query parameter in search action a different issue than CVE-2008-6127.2a.

Reference

http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog http://www.securityfocus.com/bid/34474 https://exchange.xforce.ibmcloud.com/vulnerabilities/49812 https://www.exploit-db.com/exploits/8394