|
Description
|
|
Gjoko Krstic has discovered a weakness and two vulnerabilities in Artiphp, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
1) Input passed via the "expediteur" and "titre_save" POST parameters to artpublic/recommendation/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
2) The application stores database backups with a predictable file name inside the web root, which can be exploited to disclose sensitive information by downloading the file.
The weakness and the vulnerabilities are confirmed in version 5.5.0 Neo. Other versions may also be affected.
|
