SecurityAlert : 106 CVE : CVE-2005-4655 SecurityRisk : Low (About) Remote Exploit : Yes Local Exploit : No Exploit Available : Yes Credit : peanut black-rat no-ip com Published : 24.10.2005
Affected Software :
PHP-Fusion 6.0.204
Advisory Content :
There is a Bug in The News-System:
Post something like:
<me<meta>ta http-equiv = "refresh" content = "1; URL =
http://www.google.com">
and you'll be redirected to google.
Possible Solution: use a recursive function to filter metatags.
Feedback :
If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com.