TUCoPS :: HP Unsorted Y :: b06-4443.htm

YaPiG thanks_comment.php Cross-Site Scripting Vulnerability
YaPiG thanks_comment.php Cross-Site Scripting Vulnerability
YaPiG thanks_comment.php Cross-Site Scripting Vulnerability



/*  =0D
    Kuon =0D
=0D
    Kuon-[at]-Armorize.com=0D
=0D
    YaPiG thanks_comment.php Cross-Site Scripting Vulnerability=0D
=0D
    Contact : Kuon-[at]-Armorize.com=0D
=0D
Link : www.Armorize.com=0D 
*/=0D
=0D
Armorize Technologies Security Advisory=0D
=0D
Advisory No: 20061001=0D
Date: 2006/08/25=0D
=0D
Affected Software: =0D
yapig 0.95b=0D
=0D
Vulnerability Description: =0D
Cross-Site Scripting Vulnerability=0D
=0D
Detection/Exploit:=0D
http://www.example.com/[PATH]/template/default/thanks_comment.php?D_REFRESH_URL=[XSS]=0D 
=0D
Disclosure Timeline:=0D
2006/08/17=0D
=0D
Armorize Technologies provides next-generation source code analysis tools to help developers identify and remediate vulnerabilities in their web application source. CodeSecure=99, Armorize=92s premier source code analysis tool is available for analysis of PHP, JSP and ASP. Find out more at www.armorize.com .=0D 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986- AOH