Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> CGI abuses >> PWSPHP XSS

Vulnerability Assessment Details

PWSPHP XSS
Vulnerability Assessment Summary
Checks XSS in PWSPHP

Detailed Explanation for this Vulnerability Assessment

The remote host runs PWSPHP (Portail Web System) a CMS written in PHP.

The remote version of this software is vulnerable to cross-site
scripting attack due to a lack of sanity checks on the 'skin' parameter
in the script SettingsBase.php.

With a specially crafted URL, a possible hacker could use the remote server
to set up a cross site script attack.

Solution: Upgrade to version 1.2.3 or newer
Network Security Threat Level: Medium

Networks Security ID: 13561, 13563

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 David Maciejak
Cables, Connectors


Lot of 10 Dell 1.8TB GP3FR 12Gb/s 2.5

Lot of 10 Dell 1.8TB GP3FR 12Gb/s 2.5" SAS Server Hard Drive

$208.99


Seagate Exos ST20000NM002C 20TB CMR 7200RPM SATA6Gb/s 3.5

Seagate Exos ST20000NM002C 20TB CMR 7200RPM SATA6Gb/s 3.5" Enterprise Hard Drive

$251.00


2TB HDD 3.5

2TB HDD 3.5" SATA Hard Drive DeskTop with Windows 10 HOME / PRO Installed Legacy

$18.99


Fanxiang 512GB 1TB 2TB 4TB SSD 2.5'' SATA III 6Gb/s TLC Internal Hard Drive Lot picture

Fanxiang 512GB 1TB 2TB 4TB SSD 2.5'' SATA III 6Gb/s TLC Internal Hard Drive Lot

$30.99


SEAGATE ST1000NM0033 1TB SATA 7200 RPM HARD DRIVE picture

SEAGATE ST1000NM0033 1TB SATA 7200 RPM HARD DRIVE

$13.00


HGST 4TB SAS Hard Drive 3.5

HGST 4TB SAS Hard Drive 3.5" HUS724040ALS640-NOT FOR DESKTOPS

$24.99


Seagate Barracuda Pro (ST12000DM0007) 12TB SATA 6Gbps 3.5

Seagate Barracuda Pro (ST12000DM0007) 12TB SATA 6Gbps 3.5" Internal Hard Drive

$149.99


Seagate Internal Hard Drive ST24000DM001 24TB 7200 RPM picture

Seagate Internal Hard Drive ST24000DM001 24TB 7200 RPM

$251.99


Fanxiang 4TB 2TB 1TB SSD PS5 PCIe4.0 NVMe M.2 SSD Internal Solid State Drive Lot picture

Fanxiang 4TB 2TB 1TB SSD PS5 PCIe4.0 NVMe M.2 SSD Internal Solid State Drive Lot

$59.99


Certified Refurbished 4TB WD Elements Portable Hard Drive - RWDBU6Y0040BBK-WESN picture

Certified Refurbished 4TB WD Elements Portable Hard Drive - RWDBU6Y0040BBK-WESN

$79.99


Discussions

No Discussions have been posted on this vulnerability.