|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 3674 CVE : CVE-2008-0837 SecurityRisk : Low  (About) Remote Exploit : Yes Local Exploit : No Exploit Given : Yes Credit : Krzysztof Burghardt Published : 20.02.2008
Advisory Text : Hello all, There is a bug in "Log" function of Search Unleashed by John Godley, version 0.2.10. This plug-in stores search queries but does not validates stored data and put them back "raw" to browser. HTML and Java Script can be injected with search request: /blog/?s=%3Ctextarea+onmouseover%3D%22alert%28document.cookie%29%3B%22%3 E%3C%2Ftextarea%3E&searchbutton=go%21 To execute injected code admin have to go to Manage -> Search Unleashed -> Log (and in my example point his cursor to text area). Author was notified by his bug tracker: http://urbangiraffe.com/tracker/issues/show/60 Regards, -- Krzysztof Burghardt <krzysztof (at) burghardt (dot) pl [email concealed]> http://www.burghardt.pl/  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Multiple Vendors libc/gdtoa printf(3) Array Overrun
SecurityReason realised new advisory about vulnerabilities libc/gdtoa... |
||
| Apache |  |
|
» Apache Tomcat |
||
» Apache Tomcat User |
||
| PHP | |
|
» PHP |
||
- 2009-05-30| Copyright © SecurityReason.com. All Rights Reserved. |