Categories

Applications (244)
Blogs (7)
Content Management (158)
Customer Relationship (4)
Discussion Boards (35)
E-Commerce (15)
General Purpose Directories (2)
Image Galleries (21)
Mailing Lists (1)
Tips (3)
Vulnerabilities (357)
Access Bypass (53)
Cross Site Scripting (134)
Denial Of Service (2)
File Inclusion (53)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (17)
Session Hijacking (2)
SQL Injection (137)
« Tip Of the Day: Be proactive
Wordpress “”PHP_SELF” XSS »

PHPX XSS & Sql Injections

Published by CS Lee March 26th, 2007 in Content Management, Cross Site Scripting and SQL Injection.

Application: PhpX
Version: 3.5.15 or below
Vendor’s URL: http://www.phpx.org
Bug Type: Cross Site Scripting and Sql Injections
Risk: High

Solution:
- Edit the source code to ensure that input is properly sanitized
- Waiting for the official patches that will be available at here

0 Responses to “PHPX XSS & Sql Injections”

Feed for this Entry Trackback Address
  1. No Comments

Leave a Reply

You must login to post a comment.

« Tip Of the Day: Be proactive
Wordpress “”PHP_SELF” XSS »

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional