PhotoPost PHP 4.8c Cookie Based Stored XSS (Cross-site Scripting) Web Application 0-Day Bug

August 1, 2015 007admin Leave a comment

Posted by Jing Wang on Aug 01

PhotoPost PHP 4.8c Cookie Based Stored XSS (Cross-site Scripting) Web
Application 0-Day Bug

Exploit Title: PhotoPost PHP __utmz Cookie Stored XSS Web Security
Vulnerability
Product: PhotoPost PHP
Vendor: PhotoPost
Vulnerable Versions: 4.8c 4.8.6 4.8.5 4.8.2 3.1.1 vB3
Tested Version: 4.8c vB3
Advisory Publication: July 25, 2015
Latest Update: July 28, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference:
Impact CVSS Severity…

007 Software

PhotoPost PHP 4.8c Cookie Based Stored XSS (Cross-site Scripting) Web Application 0-Day Bug

Leave a Reply Cancel reply

Software and Security Information