PT-2005-1806 · Unknown · Photopost Php

Igor Franchuk

Publicado

2005-03-20

Atualizado

2017-07-11

CVE-2005-0777

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions PhotoPost PHP version 5.0 RC3

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The vulnerabilities are specifically found in the check tags function and the editbio field in the user profile.

Recommendations For PhotoPost PHP version 5.0 RC3, consider disabling the check tags function and restricting access to the editbio field in the user profile until a patch is available. Avoid using the editbio field in user profiles until the issue is resolved.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-0777

Produtos afetados

Photopost Php

PT-2005-1806 · Unknown · Photopost Php

CVE-2005-0777

Identificadores relacionados

Produtos afetados

Referências · 6