|
|
CVE Reference: CVE-2008-7098 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-7098 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in Qsoft K-Rate Premium allow remote attackers to inject arbitrary web script or HTML via the blog, possibly the (1) Title and (2) Text fields; (3) the gallery, possibly the Description field in Your Pictures; (4) the forum, possibly the Your Message field when posting a new thread; or (5) the vote parameter in a view action to index.php. NOTE: some of these details are obtained from third party information. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/44672 http://xforce.iss.net/xforce/xfdb/44674 SAID Secunia Advisory: SA31548 OSVDB 48339 48340 48341 MILW0RM http://www.milw0rm.com/exploits/6312 BID 30842 |
|
| Return to the previous page. |
