BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Invision Vulnerabilities, including remote code execution Apr 25 2006 04:06PM
spam we11er co uk
Several Invision Flaws (2.1.5 and possibly earlier)
---------------------------------------------------
IceShaman & Wells
HackThisSite.org

1) Code execution

sources/action_public/search.php line 1261
$this->output = preg_replace( "#(value=[\"']{$this->ipsclass->input['lastdate']}[\"'])#i", "\\1 ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus