source: http://www.securityfocus.com/bid/13372/info
yappa-ng is prone to an unspecified cross-site scripting vulnerability. This issue may allow for theft of cookie-based authentication credentials or other attacks.
The vendor has not published any specific details about this vulnerability other than stating that it is addressed in the 2.3.2 security release of the software.
http://www.example.com/admin_modules/admin_module_info.inc.php?lang_akt[admin_ainfo_hmain]=[XSS]
http://www.example.com/src/index_footer-copyright.inc.php?config[release]=[XSS]
http://www.example.com/src/index_thumbs.inc.php?page[thumb_table_width]=[XSS]
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666