Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Classifieds Script allow remote malicious users to inject arbitrary web script or HTML via the (1) radio parameter to showcategory.php, (2) msg parameter to advertisers/signinform.php, (3) radio parameter to gallery.php, (4) msg parameter to lostpassword.php, (5) radio parameter to showcategory.php, (6) msg parameter to admin/adminhome.php, and (7) msg parameter to admin/index.php. NOTE: a different signinform.php file is already covered by CVE-2008-6306.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
softbizscripts classifieds script - |