chacmool Private Message System 1.1.3 - 'send.php' Arbitrary Message Access
| EKU-ID: 30112 | CVE: OSVDB-11791 | OSVDB-ID: |
| Author: digital ex | Published: 2004-11-12 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 30112 | CVE: OSVDB-11791 | OSVDB-ID: |
| Author: digital ex | Published: 2004-11-12 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/11671/info Private Message System is reported prone to multiple vulnerabilities that can allow remote attackers to carry out cross-site scripting attacks and disclose arbitrary private messages. Private Message System 1.1.3 is reported vulnerable to these issue, however, it is possible that other version are affected as well. http://www.example.com/message_send.php?quote=[ID]