Cross-site scripting (XSS) vulnerability in index.html (aka the administration page) in PHP Link Directory (phpLD) 3.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted link, which is triggered when the administrator uses the Validate Links functionality.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Php_link_directory | Php_link_directory | * | 3.0.6 (including) |
References
- http://osvdb.org/32952
- http://www.securityfocus.com/archive/1/457672/100/0/threaded
- http://www.smilehouse.com/advisory/phplinkdirectory_070121.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31662
- http://osvdb.org/32952
- http://www.securityfocus.com/archive/1/457672/100/0/threaded
- http://www.smilehouse.com/advisory/phplinkdirectory_070121.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31662