source: http://www.securityfocus.com/bid/35808/info PG Matchmaking is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. http://www.example.com/browse_men.php?show="><script>alert(document.cookie);</script>
Related Exploits
Trying to match CVEs (1): CVE-2009-2882Trying to match OSVDBs (1): 56557
Other Possible E-DB Search Terms: PG Matchmaking
Date | D | V | Title | Author |
---|---|---|---|---|
2009-06-24 |
![]() |
PG Matchmaking - 'browse_ladies.php?show' Cross-Site Scripting | Moudi | |
2009-06-24 |
![]() |
PG Matchmaking - 'search.php?show' Cross-Site Scripting | Moudi | |
2009-06-24 |
![]() |
PG Matchmaking - 'services.php?show' Cross-Site Scripting | Moudi | |
2008-09-29 |
![]() |
PG Matchmaking Script - Multiple SQL Injections | Super Cristal |