RSS   Vulnerabilities for 'Quizshock'   RSS

2007-04-10
 
CVE-2007-1905

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in auth.php in Pineapple Technologies QuizShock 1.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via encoded special characters in the forward_to parameter, as demonstrated using "<"<".

 

 >>> Vendor: Pineapple technologies 2 Products
LORE
Quizshock


Copyright 2024, cxsecurity.com

 

Back to Top