PHPizabi 'v_cron_proc.php' Arbitrary Script Injection Vulnerabilities

PHPizabi is prone to two vulnerabilities that allow attackers to execute arbitrary script code because it fails to properly sanitize user-supplied input.

An attacker can exploit these issues to execute arbitrary script code in the context of the webserver. Successful exploits can compromise the application.

PHPizabi 0.848b C1 HFP1 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus