TML 0.5 index.php form Parameter XSS

ID EDB-ID:26839
Type exploitdb
Reporter X1ngBox
Modified 2005-12-15T00:00:00


TML 0.5 index.php form Parameter XSS. CVE-2005-4415. Webapps exploit for php platform


TML CMS is prone to multiple input validation vulnerabilities.

Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks.

TML CMS 0.5 is reportedly affected. Other versions may be vulnerable as well.[ztml]/index.php?type=tpl&form=<h1> x1ng <h1/>