BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Netvolution referer header SQL injection vulnerability Oct 03 2011 10:47AM
Dimitris Glynos (dimitris census-labs com)
Netvolution CMS v2.5.8 is vulnerable to a blind SQL injection attack
in the HTTP â??refererâ? header. A malicious user may utilize this
vulnerability to modify content on the vulnerable website, inject
malicious javascript code to a visitorâ??s browser, collect CMS usernames
and plaintext passwords...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus