News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Secubos.com:
Cross-Site Scripting Vulnerability in phpFaber
October 31, 2006 @ 11:17:00

A cross-site scripting bug has been announced on the Secuobs.com website for the phpFaber content management system.

Vigilon has reported a vulnerability in phpFaber CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the URL in cms_images/js/htmlarea/htmlarea.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

For complete information on the issue, check out this report.

0 comments voice your opinion now!
security issue crosssite scripting xss phpfaber security issue crosssite scripting xss phpfaber


blog comments powered by Disqus

Similar Posts

DynamicWebPages.de: PHP 4.4.4C1 Released for Testing

L2Admin.com: Battle of the server side scripting languages - Perl, Python & PHP

Zend Developer Zone: How to avoid Identity Theft in Zend Framework with Zend Auth

Tim Bray's Blog: 2008 Prediction 4: PHP Problems

PHP.net: PHP 4 end of life announcement


Community Events





Don't see your event here?
Let us know!


language series zendserver developer podcast introduction conference library tips community laravel framework api deployment bugfix interview release list symfony voicesoftheelephpant

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework