ID de Prueba:	1.3.6.1.4.1.25623.1.0.15850
Categoría:	Web application abuses
Título:	phpCMS XSS
Resumen:	The remote host runs phpCMS, a content management system; written in PHP.;; This version is vulnerable to cross-site scripting due to a lack of; sanitization of user-supplied data in parser.php script.
Descripción:	Summary: The remote host runs phpCMS, a content management system written in PHP. This version is vulnerable to cross-site scripting due to a lack of sanitization of user-supplied data in parser.php script. Vulnerability Impact: Successful exploitation of this issue may allow an attacker to execute malicious script code on a vulnerable server. Solution: Upgrade to version 1.2.1pl1 or newer. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1202 BugTraq ID: 11765 http://www.securityfocus.com/bid/11765 Bugtraq: 20041126 phpCMS <= 1.2.1 Xss Vulnerability, Information disclosure (Google Search) http://marc.info/?l=bugtraq&m=110149207123510&w=2 http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029499.html XForce ISS Database: phpcms-parser-xss(18272) https://exchange.xforce.ibmcloud.com/vulnerabilities/18272
Copyright	Copyright (C) 2004 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.