foojanInject.txt

Vendor : http://foojan.soltoononline.com A complete Persian PHP Weblog WMS Example Information Disclosure: http://target/foojan/adminmodules/daylinks/index.php http://target/foojan/index.php?daylinkspage=-1 Refferer Html Injection Where : in gmain.php $Weblog- query "INSERT INTO visits id , ip ,...

Foojan PHPWeblog - Html Injection

source: https://www.securityfocus.com/bid/14658/info Foojan PHPWeblog is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input. Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially...