BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[oCERT-2011-001] Chyrp input sanitization errors Jul 13 2011 08:17PM
Andrea Barisani (lcars ocert org)

#2011-001 Chyrp input sanitization errors

Description:

The Chyrp framework, an open source blogging engine, suffers from cross-site
scripting (XSS) and local file inclusion (LFI) vulnerabilities.

Insufficient input sanitization on the parameters passed to pages related to
administration settings...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus