<<< Date Index >>>     <<< Thread Index >>>

PHPResidence <= 0.6 XSS



PHPResidence <= 0.6 XSS

Discovered by: Nomenumbra
Date: 23/5/2006
impact:moderate (privilege escalation,possible defacement)

PHP Residence software doesn't sanitize any of it's input,
allowing a malicious attacker (providing he/she has an account)
to inject arbitrary HTML or javascript code

Nomenumbra