Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12793
HistoryMay 25, 2006 - 12:00 a.m.

AlstraSoft E-Friends - XSS

2006-05-2500:00:00
vulners.com
5

AlstraSoft E-Friends - XSS

Homepage:
http://www.alstrasoft.com/

Description:

Alstrasoft E-friends allows you to run a community site like MySpace and Friendster.

Effected files or areas of site:
index.php

The input forms on the following items belowdo not properlly filter out all potential harmful characters.
XSS are possible because of this.

Posting a blog
Posting a listing
Posting an event
Adding comments
Sending a message