PT-2005-2100 · Azdg · Azdgdatingplatinum
Publicado
2005-04-12
·
Atualizado
2017-07-11
·
CVE-2005-1081
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
AzDGDatingPlatinum version 1.1.0
Description
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the
id parameter in the view.php file.Recommendations
For AzDGDatingPlatinum version 1.1.0, consider restricting access to the view.php file or validating and sanitizing the
id parameter to prevent injection of malicious scripts. As a temporary workaround, avoid using the id parameter in the view.php file until a patch is available.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Azdgdatingplatinum