NPDS 4.8 /5.0 – ‘modules.php?Lettre’ Cross-Site Scripting

NPDS 4.8 /5.0 – ‘modules.php?Lettre’ Cross-Site Scripting

漏洞ID 1055138 漏洞类型
发布时间 2005-05-28 更新时间 2005-05-28
图片[1]-NPDS 4.8 /5.0 – ‘modules.php?Lettre’ Cross-Site Scripting-安全小百科CVE编号 N/A
图片[2]-NPDS 4.8 /5.0 – ‘modules.php?Lettre’ Cross-Site Scripting-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/25745
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/13803/info
   
NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks.
   
This may result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks.
   
All versions of NPDS are considered vulnerable to this issue at the moment. 

http://www.example.com/modules.php?ModPath=glossaire&ModStart=glossaire&op=rech_lettre&lettre=<script>alert()</script>

相关推荐: Microsoft Excel 97 / 2000 Register.ID Vulnerability

Microsoft Excel 97 / 2000 Register.ID Vulnerability 漏洞ID 1103953 漏洞类型 Access Validation Error 发布时间 2000-07-11 更新时间 2000-07-11 CVE编…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享