Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

PHPResidence <= 0.6 XSS

From: zerogue () gmail com
Date: 23 May 2006 17:46:26 -0000
PHPResidence <= 0.6 XSS

Discovered by: Nomenumbra
Date: 23/5/2006
impact:moderate (privilege escalation,possible defacement)

PHP Residence software doesn't sanitize any of it's input,
allowing a malicious attacker (providing he/she has an account)
to inject arbitrary HTML or javascript code

Nomenumbra
Previous By Date Next
Previous By Thread Next

Current thread: