RSS   Vulnerabilities for 'Banner exchange'   RSS

2006-07-18
 
CVE-2006-3607

CWE-Other
 

 
Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Banner Exchange Script (aka Banner Exchange Network Script) 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the city parameter in (a) insertmember.php, and (2) a PHPSESSID cookie in (b) lostpassword.php, (c) gen_confirm_mem.php, and (d) index.php.

 

 >>> Vendor: Softbiz 10 Products
Web hosting directory script
Resource repository script
B2b trading marketplace script
FAQ
Image gallery
Dating script
Banner exchange
Recipes portal script
Freelancers script
Jokes and funny pictures script


Copyright 2019, cxsecurity.com

 

Back to Top