Summary
The host is running moziloCMS and is prone to Multiple Cross Site Scripting Vulnerabilities
Impact
Successful exploitation will allow remote attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Impact Level: Application.
Solution
Upgrade to version 1.12 or later,
For updates refer to http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=50_Download
Insight
The flaws are due to an error in 'admin/index.php'. The input values are not properly verified before being used via 'cat' and file parameters in an 'editsite' action.
Affected
moziloCMS version 1.11.1 and prior on all running platform.
References
Severity
Classification
-
CVE CVE-2009-4209 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities