BugTraq
Back to list
|
Post reply
AlstraSoft E-Friends - XSS
May 22 2006 09:43PM
luny youfucktard com
AlstraSoft E-Friends - XSS
Homepage:
http://www.alstrasoft.com/
Description:
Alstrasoft E-friends allows you to run a community site like MySpace and Friendster.
Effected files or areas of site:
index.php
The input forms on the following items belowdo not properlly filter out all potential harmful characters. XSS are possible because of this.
Posting a blog
Posting a listing
Posting an event
Adding comments
Sending a message
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Homepage:
http://www.alstrasoft.com/
Description:
Alstrasoft E-friends allows you to run a community site like MySpace and Friendster.
Effected files or areas of site:
index.php
The input forms on the following items belowdo not properlly filter out all potential harmful characters. XSS are possible because of this.
Posting a blog
Posting a listing
Posting an event
Adding comments
Sending a message
[ reply ]