Thursday, May 1, 2008

PHP Fusion v.6.00.307 Cross-Site Scripting

Author: Gerendi Sandor Attila
Date: April 23, 2008
Package: PHP Fusion
Product Homepage:
Versions Affected: v.6.00.307 (Other versions may also be affected)
Severity: XSS

Input passed to the "subject" parameter in "contact.php" is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in the context of the affected site when the malicious data is viewed.

POST http://somehost/phpfusion_6_00_307/contact.php HTTP/1.0
Accept: */*
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Content-Length: 115
Cookie: fusion_visited=yes
Connection: Close
Pragma: no-cache
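
For triage of captured or logged requests like the one above, the following added example (not part of the original advisory and not PHP-Fusion code) flags POSTs to contact.php whose decoded "subject" field contains HTML markup, and shows the entity-encoded form an output-encoding fix would emit. The request bodies are constructed samples, and every field name other than "subject" is an assumption.

```python
import html
import re
from urllib.parse import parse_qs, urlsplit

# Characters that let a value leave HTML text or a double-quoted attribute.
MARKUP = re.compile(r'[<>"]')

def parse_request(raw):
    """Split a raw HTTP request into (method, path, form fields)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    fields = {}
    if headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
        # parse_qs percent-decodes, so encoded markup is seen in clear.
        parsed = parse_qs(body.strip(), keep_blank_values=True)
        fields = {k: v[-1] for k, v in parsed.items()}
    return method, urlsplit(target).path, fields

def check_subject(raw):
    """Return a finding for a contact.php POST whose 'subject' holds markup, else None."""
    method, path, fields = parse_request(raw)
    if method != "POST" or not path.endswith("/contact.php"):
        return None
    subject = fields.get("subject", "")
    if not MARKUP.search(subject):
        return None
    # 'encoded' is what an output-encoding fix would write into the page.
    return {"path": path, "subject": subject, "encoded": html.escape(subject, quote=True)}

def build(body):
    """Constructed sample request; field names other than 'subject' are assumed."""
    return ("POST http://somehost/phpfusion_6_00_307/contact.php HTTP/1.0\n"
            "Content-Type: application/x-www-form-urlencoded\n"
            f"Content-Length: {len(body)}\n\n{body}")

CLEAN = build("name=Test&email=test%40example.com&subject=Hosting+question&message=hi")
FLAGGED = build("name=Test&email=test%40example.com"
                "&subject=%3Cscript%3Ealert(1)%3C%2Fscript%3E&message=hi")

if __name__ == "__main__":
    for sample in (CLEAN, FLAGGED):
        print(check_subject(sample))
```

The character check is a review heuristic for spotting suspect submissions; the fix itself is encoding the value wherever the application writes it into HTML.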


1. Contacted the author on April 23, 2008 via
2. No response

