Bugtraq mailing list archives
Phpwebgallery-1.4.1, Multiple Cross Site Scripting
From: simon.itsecurity () gmail com
Date: 24 Feb 2007 19:19:25 -0000
Phpwebgallery-1.4.1 - Multiple Cross Site Scripting Vendor : http://www.phpwebgallery.net/ Risk : Low ---------------------------------------------------------------- Register.php -> login and mail_address fields are vulnerables to XSS attacks Search.php -> search_author,mode, start_year, end_year, date_type, are vulnerables too. ---------------------------------------------------------------- Solutions : www.php.net/htmlentities Regards, Simon Bonnard simon.itsecurity - at - gmail - dot - com
Current thread:
- Phpwebgallery-1.4.1, Multiple Cross Site Scripting simon . itsecurity (Feb 24)