ush.it - a beautiful place

Pixelpost (Calendar addon 1.1.6) 1.7.3 Multiple vulnerabilities

April 7, 2011 at 5:46 pm - Filed under Hacks - 1033 words, reading time ~3 minutes - Permalink - Comments

Simone "negator" Onofri found multiple issues in a nice image gallery script that was going to use for his personal purposes, perhaps it's better to wait a couple of releases before using this in production. Since the vendor was not responsive this is a forced release. Found vulnerabilities include Blind SQL Injection and XSS.

THP USH Wisec DigitalBullets