Archangel Weblog versions 0.90.02 and below suffer from html injection flaws.
2b91910a0fd834c4306140bccb4665ffe30dd8dbf099b23fb0d76c6abca63478## HeLiOsZ - Dark End Team - Internet Security Team
## Archangel Weblog 0.90.02 and prior Multiple HTML injections
## IRC: darkend.sytes.net #darkend , http://darkend.sytes.net &
http://www.darkend.org
## Rish : Medium
## Type : web applet
## Creator: http://www.archangelmgt.com/
## Exploit:
- To exploit this issue you must only put your injection in the Name,or the
Comment
section,because that two parts do not sanitize the imput
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed