FuseTalk 4.0 - 'forum/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting | Gerki

Exploiter

Хакер

21 Дек 2022

EDB-ID: 30206

Проверка EDB

Пройдено

Автор: IVAN ALMUINA

Тип уязвимости: WEBAPPS

Платформа: CFM

CVE: cve-2007-3339

Дата публикации: 2007-06-20

Код:

source: https://www.securityfocus.com/bid/24563/info

FuseTalk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks. 

http://www.example.com/forum/include/common/comfinish.cfm?FTRESULT.errorcode=0&FTVAR_SCRIPTRUN=[xss]

Источник: www.exploit-db.com

Поиск

Exploit FuseTalk 4.0 - 'forum/include/common/comfinish.cfm?FTVAR_SCRIPTRUN' Cross-Site Scripting

Exploiter

Похожие темы