Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php.
View Full Alert
Related Posts
CVE-2011-1134 (serendipity)Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager. View Full Alert
CVE-2011-1133 (serendipity)Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php. View Full Alert
CVE-2011-5328The user-access-manager plugin before 1.2 for WordPress has CSRF. View Full Alert
