MM Chat Local File Include and Multiple Cross Site Scripting Vulnerabilities

An attacker can exploit these issues via a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim into following a malicious URI, for example:[XSS][XSS]

The following proof-of-concept URI is available for the LFI issue:[LFI]


Privacy Statement
Copyright 2010, SecurityFocus