Posted by Curesec Research Team (CRT) on Dec 23

Security Advisory – Curesec Research Team

1. Introduction

Affected Product: PhpSocial v2.0.0304_20222226
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Webite: http://phpsocial.net
Vulnerability Type: XSS / Open Redirect
Remote Exploitable: Yes
Reported to vendor: 11/21/2015
Disclosed to public: 12/21/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH

2….