CVE-2010-4783 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Web Scripts Easy Banner Free 2009.05.18 when magic_quotes_gpc is disabled allow remote attackers to inject arbitrary web script or HTML via the (1) siteurl and (2) urlbanner parameters.
Reference
http://evuln.com/vulns/148/summary.html http://packetstormsecurity.org/files/view/96154/easybannerfree-xss.txt http://secunia.com/advisories/42316 http://www.osvdb.org/69510 http://www.securityfocus.com/archive/1/514905/100/0/threaded http://www.securityfocus.com/bid/45066 Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Web Scripts Easy Banner Free 2009.05.18 when magic_quotes_gpc is disabled allow remote attackers to inject arbitrary web script or HTML via the (1) siteurl and (2) urlbanner parameters.
Share on: