about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive Talk

exploits , vulnerabilities , articles , Softbiz Photo Gallery Multiple Cross Site Scripting Vulnerabilities


Title Softbiz Photo Gallery Multiple Cross Site Scripting Vulnerabilities
Published 2008-08-05-12:00AM
Updated 2008-08-05-12:00AM
Class Input Validation Error
CVE  
Remote  Yes
Local  No
Credit  sl4xUz
Vulnerable  SoftBiz Photo Gallery 0
Not Vulnerable  
Code  To exploit these issues, an attacker must entice an unsuspecting victim into following a malicious URI.The following example URIs are available: http://www.example.com/index.php?latest=[XSS]
http://www.example.com/index.php?msg=[XSS]
http://www.example.com/images.php?latest=[XSS]
http://www.example.com/images.php?msg=[XSS]
http://www.example.com/suggest_image.php?latest=[XSS]
http://www.example.com/suggest_image.php?msg=[XSS]
http://www.example.com/image_desc.php?latest=[XSS]
http://www.example.com/image_desc.php?msg=[XSS]
http://www.example.com/admin/index.php?msg=[XSS]
http://www.example.com/admin/adminhome.php?msg=[XSS]
http://www.example.com/admin/config.php?msg=[XSS]
http://www.example.com/admin/changepassword.php?msg=[XSS]
http://www.example.com/admin/cleanup.php?msg=[XSS]
http://www.example.com/admin/browsecats.php?msg=[XSS]
http://www.example.com/admin/images.php?msg=[XSS]
TXT  t3xt 1t!


Advertising

Copyright 2007, SecurityDot
Thu, 17 Dec 2009 13:40:14 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
www.18year immenushel www.tharun php-nuke 2 cnmos.cn web mail WWW.BOOBS. I know a w freexxxmov Animals.&a PHP NUke CMS is Fre news for C www.solary www.pornhu vidio sex Big azz asha xp bypass www xxx vi www.trisha ...tmp/rh www.indoho sexey foto www.my-vpn PHP Advanc /search/ex www.wroled webziyuan. jovuri+adu Manisha ko https://20 Squid NTLM php-nuke+2 www.xmchua mobileerec www.zhangg www.89.... telugu hot www.xmchua t344t www.beiduo Phonerica news pappe www.szjaew all cartoo www.trish Crack Data news for C MS06-35