Application: Plume CMS
Affected Version: 1.2.2 and other versions.
Vendor’s URL: http://www.plume-cms.net/
Bug Type: Cross Site Scripting
Risk Level: Medium
Solution:
Edit the source code to ensure that input is properly sanitized.
Search
Subscribe
Latest
- eGroupWare File Upload
- Joomla Jom Comment Component Unspecified SQL Injection
- WordPress WP-Download Plugin SQL Injection
- AuraCMS SQL Injection
- Simple Gallery XSS
- Drupal Webform Module Unspecified Script Insertion
- PHP Photo Gallery SQL Injection
- Wikepage Information Disclosure
- Drupal Menu System Security Bypass
- Gallery Script Lite Information Disclosure
0 Responses to “Plume CMS “dir” XSS”