2 matches found
USN-716-1: MoinMoin vulnerabilities
Fernando Quintero discovered than MoinMoin did not properly sanitize its input when processing login requests, resulting in cross-site scripting XSS vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a...
JAWSControlPanel.phpSQL注入漏洞 Exploit
No description provided by source. Fernando Quintero ([email protected])提供了如下测试方法: 修改login.html文件中的JavaScript函数: script type="text/javascript" function cryptformform var newpassword = calcMD5form.password.value; form.cryptedpassword.value = "' or '2'='2"; form.password.value = ""; return true;...