ScriptsEZ Easy Ad-Manager Details.PHP Cross-Site Scripting Vulnerability
BID:18339
CVE-2006-3002 |Info
ScriptsEZ Easy Ad-Manager Details.PHP Cross-Site Scripting Vulnerability
| Bugtraq ID: | 18339 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 08 2006 12:00AM |
| Updated: | Sep 01 2006 03:58PM |
| Credit: | luny is credited with the discovery of this vulnerability. |
| Vulnerable: |
ScriptsEZ.net Easy Ad-Manager 0 |
| Not Vulnerable: | |
Discussion
ScriptsEZ Easy Ad-Manager Details.PHP Cross-Site Scripting Vulnerability
Easy Ad-Manager is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Easy Ad-Manager is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Exploit / POC
ScriptsEZ Easy Ad-Manager Details.PHP Cross-Site Scripting Vulnerability
Attackers can exploit this issue via a web client.
Attackers can exploit this issue via a web client.
Solution / Fix
ScriptsEZ Easy Ad-Manager Details.PHP Cross-Site Scripting Vulnerability
Solution:
The vendor has addressed this issue in the latest release of the affected software. Users are advised to contact the vendor for details on obtaining and applying the appropriate updates.mailto:[email protected]
Solution:
The vendor has addressed this issue in the latest release of the affected software. Users are advised to contact the vendor for details on obtaining and applying the appropriate updates.mailto:[email protected]
References
ScriptsEZ Easy Ad-Manager Details.PHP Cross-Site Scripting Vulnerability
References:
References:
- Vendor Homepage (ScriptsEZ.net)
- Easy Ad-Manager (luny)