Back to list
Vikingboard (0.1.2) [ multiples vulnerability ]
Nov 18 2006 04:57PM
saps audit gmail com
bug:local file include & multiples permanent xss
error sql :
xss permanent :
you will get your cookie stealed direcly .
those xss are a serious security issue for a forum , because they are permanent .
local file include :
also once the attacker have stoolen the cookie , then he will get admin ,
in the administration there's a local file include here :
laurent gaffié & benjamin mossé
contact: saps.audit (at) gmail (dot) com [email concealed]
[ reply ]
Copyright 2010, SecurityFocus