RSS   Vulnerabilities for 'A-form pc mobile'   RSS

2011-11-03
 
CVE-2011-4274

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile before 3.1 plug-ins for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676.

 
 
CVE-2011-2676

 

 
The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors.

 

 >>> Vendor: Ark-web 6 Products
A-form
A-form bamboo
A-form pc
A-form pc mobile
A-member
A-reserve


Copyright 2024, cxsecurity.com

 

Back to Top