NuytsTech Security

CVE-2007-3596

by ·

inc/vul_check.inc in phpVideoPro before 0.8.8 permits non-alphanumeric characters in the sess_id parameter, which has unknown impact and remote attack vectors, probably cross-site scripting (XSS).

Date published : 2007-07-06

http://www.securityfocus.com/bid/24644

http://phpvideopro.cvs.sourceforge.net/phpvideopro/phpvideopro/inc/vul_check.inc?r1=1.10&r2=1.11

Tags: