Описание
Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) sensor_program parameter to index.php, (2) text[language], (3) text[template], or (4) hide_picklist parameter to system_footer.php.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.0.0.009.dfsg-3-4 |
| devel | released | 1.0.0.009.dfsg-3-4 |
| edgy | released | 1.0.0.009.dfsg-3-4 |
| feisty | released | 1.0.0.009.dfsg-3-4 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.9.16.010-1 |
| devel | released | 0.9.16.010-1 |
| edgy | released | 0.9.16.010-1 |
| feisty | released | 0.9.16.010-1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.3-7 |
| devel | released | 2.3-7 |
| edgy | released | 2.3-7 |
| feisty | released | 2.3-7 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) sensor_program parameter to index.php, (2) text[language], (3) text[template], or (4) hide_picklist parameter to system_footer.php.
Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, ...
Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) sensor_program parameter to index.php, (2) text[language], (3) text[template], or (4) hide_picklist parameter to system_footer.php.
4.3 Medium
CVSS2