sNews Multiple Input Validation Vulnerabilities


An exploit is not required.

Example URI have been provided:

http://www.example.com/index.php?category=1%20or%201=2

http://www.example.com/index.php?id=0%20or%201=2

post comment with <script>alert('XSS TEST by www.example.com');</script>


 

Privacy Statement
Copyright 2010, SecurityFocus