Zina 'index.php' Multiple Input Validation Vulnerabilities

Zina is prone to multiple input-validation vulnerabilities, including a cross-site scripting issue and a file-disclosure issue, because the application fails to properly sanitize user-supplied input.

An attacker can exploit these issues to execute arbitrary script code in the browser of a victim in the context of the affected application, steal cookie-based authentication credentials, or obtain information that could aid in further attacks.

Zina 1.0rc3 vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus