New Post

Monday, October 29, 2012

source: http://www.securityfocus.com/bid/6246/info
Due to insufficient sanitization of user supplied values, it is possible to exploit a vulnerability in VBulletin. By passing an invalid value to a variable located in 'members2.php', it is possible to generate an error page which will include attacker-supplied HTML code which will be executed in a legitimate users browser.

READ MORE »

0 nhận xét:

Post a Comment