Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: CMS / Portals :: tb12860.htm

snewscms.net.ru lang file vuln



new vuln in snewscms.net.ru in lang file
new vuln in snewscms.net.ru in lang file



New Advisory:=0D
 Snewscms Rus=0D
http://www.medconsultation.ru=0D 
=0D
--------------------Summary----------------=0D
 Software: SnewsCMS Rus v. 2.1=0D
Sowtware's Web Site: http://www.snewscms.net.ru=0D 
 Versions: 2.1=0D
 Critical Level: Moderate=0D
 Type: XSS=0D
 Class: Remote=0D
 Status: Unpatched=0D
 PoC/Exploit: Not Available=0D
 Solution: Not Available=0D
Discovered by: http://medconsultation.ru=0D 
=0D
-----------------Description---------------=0D
 1. XSS.=0D
=0D
Vulnerable script: news_page.php=0D
=0D
Parameters 'page_id' is not=0D
properly sanitized before being used in HTML tags. 

XSS

=0D">http://target.com/news_page.php?page_id=">

XSS

=0D
=0D --------------PoC/Exploit----------------------=0D Waiting for developer(s) reply.=0D =0D --------------Solution---------------------=0D No Patch available.=0D =0D --------------Credit-----------------------=0D Discovered by: http://www.medconsultation.ru


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH