iTechClassifieds 'ViewCat.php' Input Validation Vulnerability

iTechClassifieds 'ViewCat.php' Input Validation Vulnerability

Attackers can exploit this issue via a browser. To exploit as a cross-site scripting vulnerability, an attacker must entice a victim to follow a malicious URI.

The following proof-of-concept URIs are available:

http://www.example.com/ViewCat.php?CatID=[XSS]
http://www.example.com/ViewCat.php?CatID=[SQL]