exploits , vulnerabilities , articles , Softbiz Photo Gallery Multiple Cross Site Scripting Vulnerabilities

Title	Softbiz Photo Gallery Multiple Cross Site Scripting Vulnerabilities
Published	2008-08-05-12:00AM
Updated	2008-08-05-12:00AM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	sl4xUz
Vulnerable	SoftBiz Photo Gallery 0
Not Vulnerable
Code	To exploit these issues, an attacker must entice an unsuspecting victim into following a malicious URI.The following example URIs are available: http://www.example.com/index.php?latest=[XSS] http://www.example.com/index.php?msg=[XSS] http://www.example.com/images.php?latest=[XSS] http://www.example.com/images.php?msg=[XSS] http://www.example.com/suggest_image.php?latest=[XSS] http://www.example.com/suggest_image.php?msg=[XSS] http://www.example.com/image_desc.php?latest=[XSS] http://www.example.com/image_desc.php?msg=[XSS] http://www.example.com/admin/index.php?msg=[XSS] http://www.example.com/admin/adminhome.php?msg=[XSS] http://www.example.com/admin/config.php?msg=[XSS] http://www.example.com/admin/changepassword.php?msg=[XSS] http://www.example.com/admin/cleanup.php?msg=[XSS] http://www.example.com/admin/browsecats.php?msg=[XSS] http://www.example.com/admin/images.php?msg=[XSS]
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-08 LightNEasy fckeditor Arbitrary File Upload Vulnerability
2009-12-08 HP OpenView Data Protector Application Recovery Manager Stack Buffer Overflow Vulnerability
2009-12-08 RETIRED: Microsoft December 2009 Advance Notification Multiple Vulnerabilities
2009-12-08 Computer Associates Service Desk Cross-Site Scripting Vulnerability
2009-12-08 Microsoft Internet Explorer (CVE-2009-3671) Uninitialized Memory Remote Code Execution Vulnerability
2009-12-08 Microsoft Internet Explorer CSS Race Condition Remote Code Execution Vulnerability
2009-12-08 IBM InfoSphere Information Server Multiple Unspecified Buffer Overflow Vulnerabilities
2009-12-08 Novell iPrint Client Remote Buffer Overflow Vulnerabilities
2009-12-07 FFmpeg TCP/UDP Memory Leak Denial Of ServiceVulnerability
2009-12-04 Achievo Document Types Section Arbitrary File Upload Vulnerability

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Wed, 09 Dec 2009 03:21:43 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
its 2.0 My Little php-nuke 2 news for c www.beijin Sania mirz NT Null Se vuln/explo www.hwrsq. www.pvpwm. i...Freadm Movable Ty sexse+free SHTTPD Buf teen sexy aiswarya bahara gol 114gaokao. www.520hai Www.arabse news for c Pakistanes www.ycllcy Mote Moric sex300.com ameture vi job.jdzol. ChaiServer Momsonsex india 89.c 4250 bangla son news for c free anima www.deskto Microsoft sex300 shop596090 blog.sina. Microsoft waptrik.co alankj.5d6 thrisha pa www.bigwet www.jxpenm xxx.x5.pl nimishanga blog.jshuw X2 WS_FTP dbmail