Family: CGI abuses : XSS --> Category: attack
PHPMyDirectory review.php Multiple Cross-Site Scripting Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple cross-site scripting vulnerabilities in PHPMyDirectory's review.php
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP script that is susceptible to
multiple cross-site scripting attacks.
The version of phpMyDirectory installed on the remote host suffers
from multiple cross-site scripting vulnerabilities due to its failure
to sanitize user-input to its 'review.php' script through various
parameters. A remote attacker can exploit these flaws to steal
cookie-based authentication credentials and perform other such
See also :
Upgrade to phpMyDirectory version 10.1.6 or newer.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.