BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
WikiNi Multiple Cross Site Scripting Vulnerabilities Oct 23 2006 07:26PM
raphael huck free fr
Hi, I've found 2 XSS vulns in WikiNi. The programmers have been contacted and the vulns addressed in version 0.4.4.

The name parameter of page wakka.php is not properly sanitized:

<html>
<body>

<form method="POST" enctype="application/x-www-form-urlencoded" action="http://www.example.com/wakka.ph...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus