SiteEnableXSSnSQL.txt

--Alt-Boundary-29920.9701600 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Title: SiteEnable CMS Multiple Severe XSS and Sql injections Risk:...

SiteEnable Multiple Input Validation Vulnerabilities

The remote host is running a version of the SiteEnable CMS package that has several vulnerabilities : - SQL Injection Vulnerability Due to a failure to properly sanitize user input to the 'sortby' parameter of the 'content.asp' script, an attacker can execute SQL queries against the underlying...