Bugtraq mailing list archives
HotPlugCMS 1.0, Cross-Site Scripting Vulnerabilities
From: Federico Fazzi <federico () autistici org>
Date: Thu, 15 Jun 2006 20:36:55 +0200
----------------------------------------------------- Advisory id: FSA:017 Author: Federico Fazzi Date: 15/06/2006, 20:31 Sinthesis: HotPlugCMS 1.0, Cross-Site Scripting Vulnerabilities Type: low Product: http://hotplugcms.com/ Patch: unavailable ----------------------------------------------------- 1) Description: Error occured in login1.php: 2) Proof of concept: http://example/[hpc_path]/administration/tblcontent/login1.php?msg=[xss] 3) Solution: echo "messages";
Current thread:
- HotPlugCMS 1.0, Cross-Site Scripting Vulnerabilities Federico Fazzi (Jun 15)