Home page logo

bugtraq logo Bugtraq mailing list archives

Wikepage Wiki v.2007-2 Cross-Site Scripting
From: darkz.gsa () gamil com
Date: 18 Apr 2008 08:13:02 -0000

Wikepage Wiki v.2007-2 Cross-Site Scripting

Author: Gerendi Sandor Attila
Date: April 09, 2008
Package: Wikepage Wiki
Product homepage: http://wikepage.org/
Versions Affected: v.2007-2 (Other versions may also be affected)
Severity: XSS

Input passed to "wiki" in "index.php" is not properly sanitised before being used. This can be exploited to insert 
arbitrary HTML and script code, which is executed in a user's browser session in context of an affected site when 
malicious data is viewed.


1. Contacted the author at April 09, 2008 via sourceforge tracker (no response).

  By Date           By Thread  

Current thread:
  • Wikepage Wiki v.2007-2 Cross-Site Scripting darkz . gsa (Apr 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]