RSS   Vulnerabilities for 'Lisk cms'   RSS

2010-05-24
 
CVE-2010-2015

CWE-89
 

 
Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action to cp/cp_messages.php or (2) the id parameter to cp/edit_email.php.

 
 
CVE-2010-2014

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in cp/list_content.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the cl or possibly id parameter.

 
 
CVE-2010-2013

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in cp/edit_email.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top