Computer Security

Security Advisory: Linpha 1.1.0 - XSS Vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [Full-disclosure] RechnungsZentrale V2 - SQL injection and Remote PHP inclusion vulnerabilities

  [SA19645] MODx Cross-Site Scripting and Directory Traversal

  [SA19716] Avaya CMS / IR "/proc" Denial of Service

  [eVuln] Wire Plastik wpBlog SQL Injection Vulnerability

From:d4igoro_(at)_gmail.com <d4igoro_(at)_gmail.com>
Date:18.04.2006
Subject:Linpha 1.1.0 - XSS Vulnerabilities

Linpha 1.1.0 - XSS Vulnerabilities
--------------------------------------------------------
Software: Linpha
Version: 1.1.0
Type: Cross Site Scripting Vulnerability
Date: Mon Apr 17 22:59:39 CEST 2006
Vendor: The LinPHA developers
Page: http://linpha.sourceforge.net/
Risc: Low

credits:
----------------------------
d4igoro - d4igoro[at]gmail[dot]com
http://d4igoro.blogspot.com/
Greetz: karambole

vulnerability:
----------------------------
http://[target]/plugins/stats/stats_view.php?date_from=[XSS]
http://[target]/plugins/stats/stats_view.php?date_to=[XSS]
http://[target]/plugins/stats/stats_view.php?date=[XSS]

notes:
----------------------------
The vendor has been informed.
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server