FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpsysinfo -- url Cross-Site Scripting

Affected packages
phpSysInfo < 2.5.3_1

Details

VuXML ID 88260dfe-3d21-11dc-b3d3-0016179b2dd5
Discovery 2007-07-27
Entry 2007-07-28
Modified 2007-08-01

Doz reports:

A Input passed in the URL to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

[source]

References

URL http://secunia.com/advisories/26248/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.