Professional Webmasters Community
Would you like to react to this message? Create an account in a few clicks or log in to continue.

Multiple vulnerabilities in MC Content Manager

Go down

Multiple vulnerabilities in MC Content Manager  Empty Multiple vulnerabilities in MC Content Manager

Post  andry Wed Aug 11, 2010 11:45 pm

This Cross-Site Scripting and SQL Injection vulnerability that found on http://www.szru.gov.ua - site SZRU. Where to use this engine.

All found five XSS and SQL Injection vulnerabilities 3 in MC Content Manager: 1 and 1 XSS 08.01.2007 XSS 23.09.2007 (which I have already made public and which has previously

reported Admin site and have already corrected), 2 and 2 XSS SQLi 30.09.2007 (which I have said privately, because information about them is not published, which is still fixed

only 3 of 4), one XSS, and a SQLi 10.04.2009 (which I have already made public and which has previously reported Admin and sites that are still not fixed).

XSS:

http://site/article.php?root =% 22% 3E% 3Cscript% 3Ealert (document
andry
andry
Moderator
Moderator

Posts : 467
Join date : 2010-05-07

Back to top Go down

Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum