Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
Multiple cross-site scripting (XSS) vulnerabilities in statistik.php in Otterware StatIt 4 allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter, (2) show parameter in a stat_tld action, or (3) order parameter in a stat_abfragen action.
- http://packetstormsecurity.org/files/108340/statit4-xss.txt
- http://st2tea.blogspot.com/2012/01/otterware-statit4-cross-site-scripting.html
No PoCs found on GitHub currently.