- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 25434
- Проверка EDB
-
- Пройдено
- Автор
- GULFTECH SECURITY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2005-1202
- Дата публикации
- 2005-04-18
Код:
source: https://www.securityfocus.com/bid/13212/info
eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available.
The issues arise due to a failure of the application to properly validate user-supplied input. These issues result in cross-site scripting and SQL injection attacks.
http://egroupware/index.php?menuaction=addressbook.uiaddressbook.edit&ab_id=11[XSS]
http://egroupware/index.php?menuaction=manual.uimanual.view&page=ManualAddressbook[XSS]
http://egroupware/index.php?menuaction=forum.uiforum.post&type=new[XSS]
http://egroupware/wiki/index.php?page=RecentChanges[XSS]
http://egroupware/wiki/index.php?action=history&page=WikkiTikkiTavi&lang=en[XSS]
http://egroupware/index.php?menuaction=wiki.uiwiki.edit&page=setup[XSS]- Источник
- www.exploit-db.com
