N/A

Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Classifieds Script allow remote attackers to inject arbitrary web script or HTML via the (1) radio parameter to showcategory.php, (2) msg parameter to advertisers/signinform.php, (3) radio parameter to gallery.php, (4) msg parameter to lostpassword.php, (5) radio parameter to showcategory.php, (6) msg parameter to admin/adminhome.php, and (7) msg parameter to admin/index.php. NOTE: a different signinform.php file is already covered by CVE-2008-6306.

N/A

N/A

Softbiz Classifieds Script多个远程文件跨站脚本攻击漏洞

Classifieds Script是一个分类广告管理脚本。 Softbiz Classifieds Script中存在多个跨站脚本攻击漏洞。远程攻击者 注入任意web脚本或HTML 可以借助(1)对showcategory.php的radio参数，(2)对advertisers/signinform.php的msg参数，(3)对gallery.php的radio参数，(4)对lostpassword.php的msg参数，(5)对showcategory.php的radio参数，(6)对admin/adm

N/A

N/A