BugTraq
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
PHP AGTC-Membership system <= v1.1a XSS
May 23 2006 05:53PM
zerogue gmail com
PHP AGTC-Membership system <= v1.1a XSS
Discovered by: Nomenumbra
Date: 23/5/2006
impact:moderate (privilege escalation,possible defacement)
Ordinary users can add users to the user management system as well,
or change their own email address, which isn't properly sanitized, thus
allowing ...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
Discovered by: Nomenumbra
Date: 23/5/2006
impact:moderate (privilege escalation,possible defacement)
Ordinary users can add users to the user management system as well,
or change their own email address, which isn't properly sanitized, thus
allowing ...
[ more ]