Phpwebgallery-1.4.1, Multiple Cross Site Scripting

看板Bugtraq作者simon.時間19年前 (2007/02/25 04:38)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

Phpwebgallery-1.4.1 - Multiple Cross Site Scripting Vendor : http://www.phpwebgallery.net/ Risk : Low ---------------------------------------------------------------- Register.php -> login and mail_address fields are vulnerables to XSS attacks Search.php -> search_author,mode, start_year, end_year, date_type, are vulnerables too. ---------------------------------------------------------------- Solutions : www.php.net/htmlentities Regards, Simon Bonnard simon.itsecurity - at - gmail - dot - com

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 simon. 的文章

文章代碼(AID): #15uA9I00 (Bugtraq)