CVE-2014-8490 TennisConnect COMPONENTS System XSS (Cross-Site Scripting) Security Vulnerability

December 18, 2014 007admin Leave a comment

Posted by Jing Wang on Dec 19

*CVE-2014-8490 TennisConnect COMPONENTS System XSS (Cross-Site Scripting)
Security Vulnerability*

Exploit Title: TennisConnect “TennisConnect COMPONENTS System” /index.cfm
pid Parameter XSS
Product: TennisConnect COMPONENTS System
Vendor: TennisConnect
Vulnerable Versions: 9.927
Tested Version: 9.927
Advisory Publication: Nov 18, 2014
Latest Update: Nov 18, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference:…

007 Software

CVE-2014-8490 TennisConnect COMPONENTS System XSS (Cross-Site Scripting) Security Vulnerability

Leave a Reply Cancel reply

Software and Security Information