|
PostNuke Multiple Input Validation Vulnerabilities
An exploit is not required. The following proof of concept example are available: Cross-site scripting examples: http://www.example.com/user.php?op=edituser&htmltext=[code] http://www.example.com/admin.php?module=NS-Languages&op=missing&language=">[code] http://www.example.com/admin.php?module=NS-Languages&op=translation&language=[code] SQL injection example: http://www.example.com/admin.php?module=NS-Languages&op=missing&language=[sql] |
|
|
Privacy Statement |
