header-logo
Suggest Exploit
vendor:
Walla TeleSite
by:
Unknown
5.5
CVSS
MEDIUM
Input Validation Vulnerabilities
20
CWE
Product Name: Walla TeleSite
Affected Version From: 3
Affected Version To: 3
Patch Exists: NO
Related CWE: Unknown
CPE: a:walla_telesite:walla_telesite:3.0
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Walla TeleSite Multiple Input Validation Vulnerabilities

Walla TeleSite is prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. The vulnerabilities include information and path disclosure, file enumeration, SQL injection, and cross-site scripting attacks within the context of the victim's Web browser and the affected computer. Other attacks are also possible.

Mitigation:

Implement proper input validation and sanitization techniques to prevent these vulnerabilities.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15419/info
 
Walla TeleSite is prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input.
 
Walla TeleSite is prone to information and path disclosure, file enumeration, SQL injection, and cross-site scripting attacks within the context of the victim's Web browser and the affected computer.
 
Other attacks are also possible.
 
Walla Telesite version 3.0 is affected; earlier versions are also affected. 

http://www.example.com/ts.exe?tsurl=0.52.0.0&tsstmplt=search_tour&sug=%61%61%61'%20<script>alert()</script>

Navigation

Suggest Exploit

Services By CQR