"Powered by My Blog" intext:"FuzzyMonkey.org"

  • 日期:2004-10-26
  • 类别:
  • 作者:anonymous
  • 语法:"Powered by My Blog" intext:"FuzzyMonkey.org"
  • FuzzyMonkey My Blog is vulnerable to multiple input validation vulnerabilities. These issues are caused by a failure to validate and filter user-supplied strings before including them in dynamic Web page content.An attacker could leverage these issues to carry out cross-site scripting attacks against unsuspecting users, facilitating theft of cookie-based authentication credentials as well as other attacks.vulnerable FuzzyMonkey My Blog 1.15FuzzyMonkey My Blog 1.16FuzzyMonkey My Blog 1.17FuzzyMonkey My Blog 1.18FuzzyMonkey My Blog 1.19FuzzyMonkey My Blog 1.20not vulnerable FuzzyMonkey My Blog 1.21 They also have several other scripts, which may or may not be vulnerable. But remember Murphy's law also applies to software writers.# My Photo Gallery (picture and file sharing software)# My Calendar (quick and easy web calendar)# My Voting Script# My Guestbookhttp://www.securityfocus.com/bid/11325