Netjuke 1.0-rc2 - sql injection & XSS

2007.09.12
Credit: cod3in
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-79

The Netjuke is a Web-Based Audio Streaming Jukebox powered by PHP 4, a database and all the MP3, Ogg Vorbis and other format files that constitute your digital music collection. Supports images, language packs, multi-level security, random playlists, etc http://sourceforge.net/projects/netjuke =================================== /explore.php?do=list.artists&ge_id=SQL /xml.php?do=show.tracks&id=SQL /alphabet.php?do=alpha.albums&val=XSS /random.php/XSS /admin/hidden.php/XSS


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top