7 lines
No EOL
623 B
Text
7 lines
No EOL
623 B
Text
source: http://www.securityfocus.com/bid/11220/info
|
|
|
|
Mambo open source is reportedly affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly validate user-supplied URI parameters.
|
|
|
|
An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer, to carry out cross-site scripting attacks, and to make SLQ injection attacks against the vulnerable application.
|
|
|
|
http://www.example.com/index.php?option=com_content&task=view&id=15&Itemid=2&limit=1"><script>alert(document.cookie)</script>&limitstart=1 |