• info
• discussion
• exploit
• solution
• references

phpTrafficA Multiple Input Validation Vulnerabilities

phpTrafficA is prone to input-validation vulnerabilities, including an SQL-injection issue and a cross-site scripting issue, because the application fails to sanitize user-supplied input.

A successful exploit may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

phpTrafficA 1.4.2 is affected; prior versions may also be vulnerable.