4 matches found
EUVD-2007-0193
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in admin.php in MKPortal allows remote attackers to inject arbitrary web script or HTML via two certain fields in a contentsnew operation in the adcontents section...
CVE-2007-0191
CVE-2007-0191 describes a Cross-site Scripting (XSS) vulnerability in MKPortal, specifically in admin.php during a contents_new operation in the ad_contents section. The issue arises from two fields used in that operation, allowing remote attackers to inject arbitrary script/HTML. Available refer...
MkPortal Admin XSS
MkPortal Admin XSS Discovered by: Demential Web: http://headburn.altervista.org E-mail: infoatburnheaddotit Mkportal website: http://www.mkportal.it Go to: /mkportal/admin.php?ind=adcontents&op=contentsnew In both fields write: "scriptalertdocument.cookie/script and press save. Alert will appear...