Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat and (2) file parameters in an editsite action, different vectors than CVE-2008-6127 and CVE-2009-1367.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilo mozilocms 1.11.1 |