OxYProject Edit Chat History Remote Code Execution Vulnerability

OxYProject is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input.

An attacker can leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.

OxYProject 0.85 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus