RSS   Vulnerabilities for 'A-blog cms'   RSS

2017-04-12
 
CVE-2016-1179

 

 
Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML.

 
 
CVE-2016-1178

 

 
The session management of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to obtain or modify sensitive data via unspecified vectors.

 

 >>> Vendor: Appleple 2 Products
A-news
A-blog cms


Copyright 2017, cxsecurity.com