BugTraq
Back to list
|
Post reply
HotPlugCMS 1.0, Cross-Site Scripting Vulnerabilities
Jun 15 2006 06:36PM
Federico Fazzi (federico autistici org)
-----------------------------------------------------
Advisory id: FSA:017
Author: Federico Fazzi
Date: 15/06/2006, 20:31
Sinthesis: HotPlugCMS 1.0, Cross-Site Scripting Vulnerabilities
Type: low
Product: http://hotplugcms.com/
Patch: unavailable
-----------------------------------------------------
1) Description:
Error occured in login1.php:
2) Proof of concept:
http://example/[hpc_path]/administration/tblcontent/login1.php?msg=[xss]
3) Solution:
echo "messages";
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Advisory id: FSA:017
Author: Federico Fazzi
Date: 15/06/2006, 20:31
Sinthesis: HotPlugCMS 1.0, Cross-Site Scripting Vulnerabilities
Type: low
Product: http://hotplugcms.com/
Patch: unavailable
-----------------------------------------------------
1) Description:
Error occured in login1.php:
2) Proof of concept:
http://example/[hpc_path]/administration/tblcontent/login1.php?msg=[xss]
3) Solution:
echo "messages";
[ reply ]