Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2008-2759

Description

Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Form Processor XE 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) showfields, (2) text, and (3) submissions parameters to search.asp and the (4) name parameter to users.asp. NOTE: some of these details are obtained from third party information.

POC

Reference

- http://marc.info/?l=bugtraq&m=121322052622903&w=2

- http://securityreason.com/securityalert/3950

- http://www.securityfocus.com/bid/29672

Github

No PoCs found on GitHub currently.