CVE-2014-1855 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel before 3.5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) capcheck parameter to directories.php or (2) keyword parameter to proxy.php.

Reference

http://forum.seopanel.in/viewtopic.php?f=7&t=10978 http://packetstormsecurity.com/files/126706/Seo-Panel-3.4.0-Cross-Site-Scripting.html http://secunia.com/advisories/58706 http://www.securityfocus.com/archive/1/532119/100/0/threaded https://www.htbridge.com/advisory/HTB23200