|
PHProfession Multiple Vulnerabilities
Some proof-of-concept examples were provided. Path disclosure example: http://www.example.com/postnuke0726/modules/phprofession/upload.php Cross-site scripting: http://www.example.com/postnuke0726/modules.php?op=modload&name=phprofession&file=upload&jcode=[xss code here] SQL Injection: http://www.example.com/postnuke0726/modules.php?op=modload&name=phprofession&file=index&offset=foobar |
|
|
Privacy Statement |
