Exploit Database - Logo

ac4p Mobile - 'polls.php' Multiple Cross-Site Scripting Vulnerabilities (1)

EDB-ID: 28902 Author: AL-garnei Published: 2006-11-03
CVE: CVE-2006-5770 Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: Link Tags: N/A
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/20895/info
  
Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. 
  
An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
  
http://www.example.com/path/polls.php?Newnews={XSS}
« Previous Exploit Next Exploit »

Related Exploits

Trying to match CVEs (1): CVE-2006-5770
Trying to match OSVDBs (1): 32048
Other Possible E-DB Search Terms: ac4p Mobile
Date D V Title Author
2006-11-03 Verified ac4p Mobile - '/cp/index.php?pagenav' Cross-Site ScriptingAL-garnei
2006-11-03 Verified ac4p Mobile - 'index.php' Multiple Cross-Site Scripting VulnerabilitiesAL-garnei
2006-11-03 Verified ac4p Mobile - 'MobileNews.php' Multiple Cross-Site Scripting VulnerabilitiesAL-garnei
2006-12-04 Verified ac4p Mobile - 'polls.php' Multiple Cross-Site Scripting Vulnerabilities (2)SwEET-DeViL
2006-11-03 Verified ac4p Mobile - 'send.php?cats' Cross-Site ScriptingAL-garnei
2006-11-03 Verified ac4p Mobile - 'up.php' Multiple Cross-Site Scripting VulnerabilitiesAL-garnei
2006-12-04 Verified ac4p Mobile - 'up.php?Taaa' Cross-Site ScriptingSwEET-DeViL
Menu