Dijitals CMS XSS Vulnerabilities

Please view the original advisory here.

The Dijitals CMS suffers from several XSS vulnerabilities. Built-in filters try to avoid XSS, sql injections and local + remote file inclusions. The XSS filters can be tricked by e.g. using String.fromCharcode.

June 10th, 2010 in XSS | tags: advisory, Dijitals CMS, exploit, html code injection, Security, vulnerabilities, XSS

1 Comment

Dijitals CMS Multiple Cross-Site Scripting Vulnerabilities « Bug-BlogJune 11th, 2010 at 23:35

[...] ORIGINAL ADVISORY: http://www.xenuser.org/2010/06/10/dijitals-cms-xss-vulnerabilities/ [...]

You must be logged in to post a comment.

Ascii for Breakfast

Register here Blog about Xen, IT-Security, Linux and other stuff.

valentin@xenuser.org

Active projects

Exploit-DB updates

blog.xen.org

28 feed subscribers

Ascii for BreakfastSubscribe here (RSS)

Dijitals CMS XSS Vulnerabilities

1 Comment

Leave a comment

Ascii for Breakfast

Recent Posts

Active projects

Blogroll

Archives

Tag cloud

Files ≈ Packet Storm

Exploit-DB updates

blog.xen.org

Author Links