Bugtraq mailing list archives
YaPiG thanks_comment.php Cross-Site Scripting Vulnerability
From: Kuon_at_Armorize_dot_com () no this.domain
Date: 25 Aug 2006 10:47:33 -0000
/* Kuon <Armorize Security Team> Kuon-[at]-Armorize.com YaPiG thanks_comment.php Cross-Site Scripting Vulnerability Contact : Kuon-[at]-Armorize.com Link : www.Armorize.com */ Armorize Technologies Security Advisory Advisory No: 20061001 Date: 2006/08/25 Affected Software: yapig 0.95b Vulnerability Description: Cross-Site Scripting Vulnerability Detection/Exploit: http://www.example.com/[PATH]/template/default/thanks_comment.php?D_REFRESH_URL=[XSS] Disclosure Timeline: 2006/08/17 Armorize Technologies provides next-generation source code analysis tools to help developers identify and remediate vulnerabilities in their web application source. CodeSecure, Armorizes premier source code analysis tool is available for analysis of PHP, JSP and ASP. Find out more at www.armorize.com .
Current thread:
- YaPiG thanks_comment.php Cross-Site Scripting Vulnerability Kuon_at_Armorize_dot_com (Aug 25)