2 matches found
PHPValley Micro Jobs Site Script 1.01 Account Takeover
Author: Jason Whelan PacketStorm: exploitdev Email: [email protected] Target Software: PHPValley Micro Jobs Site Script 1.01 Vendor URL: http://phpvalley.com/ Demo: http://phpvalley.com/demo Account Takeover Vulnerability This vulnerability allows users to edit their username, which the scrip...
CVE-2008-1892
Blogator-script 0.95 and 1.01 are affected by a Cross-Site Scripting (XSS) vulnerability in bs_auth.php where the msg parameter is not properly sanitized. This allows remote attackers to inject arbitrary web script or HTML, potentially compromising users’ browsers (e.g., stealing cookies) when in...