• info
• discussion
• exploit
• solution
• references

aBitWhizzy CVE-2007-1774 Cross-Site Scripting Vulnerability

aBitWhizzy is prone to a cross-site scripting vulnerability. Multiple cross-site scripting (XSS) vulnerabilities in aBitWhizzy allow remote attackers to inject arbitrary web script or HTML via the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whizzylink.php.