AOH :: HP Unsorted Y :: B06-4443.HTM

YaPiG thanks_comment.php Cross-Site Scripting Vulnerability



YaPiG thanks_comment.php Cross-Site Scripting Vulnerability
YaPiG thanks_comment.php Cross-Site Scripting Vulnerability



/*  =0D
    Kuon =0D
=0D
    Kuon-[at]-Armorize.com=0D
=0D
    YaPiG thanks_comment.php Cross-Site Scripting Vulnerability=0D
=0D
    Contact : Kuon-[at]-Armorize.com=0D
=0D
Link : www.Armorize.com=0D 
*/=0D
=0D
Armorize Technologies Security Advisory=0D
=0D
Advisory No: 20061001=0D
Date: 2006/08/25=0D
=0D
Affected Software: =0D
yapig 0.95b=0D
=0D
Vulnerability Description: =0D
Cross-Site Scripting Vulnerability=0D
=0D
Detection/Exploit:=0D
http://www.example.com/[PATH]/template/default/thanks_comment.php?D_REFRESH_URL=[XSS]=0D 
=0D
Disclosure Timeline:=0D
2006/08/17=0D
=0D
Armorize Technologies provides next-generation source code analysis tools to help developers identify and remediate vulnerabilities in their web application source. CodeSecure=99, Armorize=92s premier source code analysis tool is available for analysis of PHP, JSP and ASP. Find out more at www.armorize.com .=0D 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.