Back to search
CVE-2011-1062
Published: Feb 22, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (6) show parameters to print_list.php; and the (7) HTTP referer header to rss.php. NOTE: some of these details are obtained from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
16158
exploit
x_refsource_EXPLOIT-DB
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-4990.php
x_refsource_MISC
taskfreak-printlist-xss(65359)
vdb-entry
x_refsource_XF
70877
vdb-entry
x_refsource_OSVDB
70878
vdb-entry
x_refsource_OSVDB
43318
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now