Input-validation vulnerabilities in PHPX

vendor:

PHPX

by:

Unknown

N/A

CVSS

N/A

Input-validation vulnerabilities

Unknown

CWE

Product Name: PHPX

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: Unknown

Related CWE: Unknown

CPE: Unknown

Metasploit:

Other Scripts:

Platforms Tested: Unknown

Unknown

Input-validation vulnerabilities in PHPX

The PHPX application fails to properly sanitize user-supplied input, leading to multiple input-validation vulnerabilities. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, execute arbitrary script code, compromise the application, obtain sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Mitigation:

Unknown

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/23033/info
 
PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input.
 
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitrary script code in the context of the webserver process, compromise the application, obtain sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
 
http://www.example.com/phpx/forums.php?cat_id='
http://www.example.com/phpx/forums.php?forum_id=1&topic_id='
http://www.example.com/phpx/forums.php?forum_id=1&topic_id=1&post_id='