Andy’s PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
Jul 7, 20111 min read
SecPod Research Team member (Sooraj K.S) has found multiple cross-site scripting vulnerabilities in Andy’s PHP Knowledgebase. The vulnerability is caused by improper validation of various parameters in several pages. This may allow an attacker to steal cookie-based authentication credentials or inje...
SecPod Research Team member (Sooraj K.S) has found multiple cross-site scripting vulnerabilities in Andy’s PHP Knowledgebase. The vulnerability is caused by improper validation of various parameters in several pages. This may allow an attacker to steal cookie-based authentication credentials or inject arbitrary HTML code and launch further attacks.
More information can be found here.