Web application abuses : PsychoStats Login Parameter Cross-Site Scripting

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.16057

Categoría: Web application abuses

Título: PsychoStats Login Parameter Cross-Site Scripting

Resumen: PsychoStats is a statistics generator for games. Currently there is support; for a handful of Half-Life 'MODs' including Counter-Strike, Day of Defeat, and Natural Selection.;; There is a bug in this software which makes it vulnerable to HTML and JavaScript injection. An attacker; may use this flaw to use the remote server to set up attacks against third-party users.

Descripción: Summary:
PsychoStats is a statistics generator for games. Currently there is support
for a handful of Half-Life 'MODs' including Counter-Strike, Day of Defeat, and Natural Selection.

There is a bug in this software which makes it vulnerable to HTML and JavaScript injection. An attacker
may use this flaw to use the remote server to set up attacks against third-party users.

Solution:
Upgrade to the newest version of this software.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-1417
BugTraq ID: 12089
http://www.securityfocus.com/bid/12089
Bugtraq: 20041223 Cross Site Scripting In PsychoStats 2.2.4 Beta && Earlier (Google Search)
http://marc.info/?l=bugtraq&m=110383119525592&w=2
http://www.gulftech.org/?node=research&article_id=00057-12222004
http://www.psychostats.com/forums/viewtopic.php?t=11022
http://secunia.com/advisories/13619/
XForce ISS Database: psychostats-login-xss(18651)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18651

Copyright Copyright (C) 2004 Noam Rathaus

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.16057
Categoría:	Web application abuses
Título:	PsychoStats Login Parameter Cross-Site Scripting
Resumen:	PsychoStats is a statistics generator for games. Currently there is support; for a handful of Half-Life 'MODs' including Counter-Strike, Day of Defeat, and Natural Selection.;; There is a bug in this software which makes it vulnerable to HTML and JavaScript injection. An attacker; may use this flaw to use the remote server to set up attacks against third-party users.
Descripción:	Summary: PsychoStats is a statistics generator for games. Currently there is support for a handful of Half-Life 'MODs' including Counter-Strike, Day of Defeat, and Natural Selection. There is a bug in this software which makes it vulnerable to HTML and JavaScript injection. An attacker may use this flaw to use the remote server to set up attacks against third-party users. Solution: Upgrade to the newest version of this software. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1417 BugTraq ID: 12089 http://www.securityfocus.com/bid/12089 Bugtraq: 20041223 Cross Site Scripting In PsychoStats 2.2.4 Beta && Earlier (Google Search) http://marc.info/?l=bugtraq&m=110383119525592&w=2 http://www.gulftech.org/?node=research&article_id=00057-12222004 http://www.psychostats.com/forums/viewtopic.php?t=11022 http://secunia.com/advisories/13619/ XForce ISS Database: psychostats-login-xss(18651) https://exchange.xforce.ibmcloud.com/vulnerabilities/18651
Copyright	Copyright (C) 2004 Noam Rathaus