Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS

2006-05-30T11:05:04
ID OSVDB:26125
Type osvdb
Reporter Nenad Jovanovic(enji@seclab.tuwien.ac.at)
Modified 2006-05-30T11:05:04

Description

Solution Description

Upgrade to version 0.7.0.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://sourceforge.net/projects/osic-win Vendor URL: http://cosp.wordpress.com/tag/osic Secunia Advisory ID:20341 Related OSVDB ID: 26123 Related OSVDB ID: 26126 Related OSVDB ID: 26124 Other Advisory URL: http://www.seclab.tuwien.ac.at/advisories/TUVSA-0605-001.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0677.html Keyword: TUVSA-0605-001 CVE-2006-2750