Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

EZ Publish 2.2 - 'index.php' IMG Tag Cross-Site Scripting

Related Vulnerabilities: CVE-2003-0310  
Publish Date: 16 May 2003
Author: Ferruh Mavituna
Source / Download Exploit 
                source: http://www.securityfocus.com/bid/7616/info

A cross-site scripting vulnerability has been reported for eZ publish. Specifically, eZ publish does not sufficiently sanitize user-supplied input supplied to the 'index.php' script.

This may allow for theft of cookie-based authentication credentials and other attacks. 

http://www.example.com/index.php/article/articleview/<img%20src="javascript:alert(document.cookie)">

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started