Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ublog_reload | Uapplication | 1.0 (including) | 1.0 (including) |
| Ublog_reload | Uapplication | 1.0.3 (including) | 1.0.3 (including) |
| Ublog_reload | Uapplication | 1.0.4 (including) | 1.0.4 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=111214393101387\u0026w=2
- http://secunia.com/advisories/14725
- http://securitytracker.com/id?1013603
- http://www.osvdb.org/15121
- http://www.persianhacker.net/news/news-2945.html
- http://www.securityfocus.com/bid/12931
- http://marc.info/?l=bugtraq\u0026m=111214393101387\u0026w=2
- http://secunia.com/advisories/14725
- http://securitytracker.com/id?1013603
- http://www.osvdb.org/15121
- http://www.persianhacker.net/news/news-2945.html
- http://www.securityfocus.com/bid/12931