phpPGAds/phpAdNew < 2.0.8 Multiple Injection Vulnerabilities
Medium Nessus Network Monitor Plugin ID 3488
SynopsisThe remote host is vulnerable to HTML Injection and Cross-Site Scripting attacks.
DescriptionThere is a flaw in the remote phpAdNew/phpPgAds PHP Ads server, a banner management and tracking system written in PHP. This version of phpAdNew is vulnerable to an HTML injection and a Cross-Site Scripting (XSS) flaw. An attacker exploiting these flaws would be able to gain access to potentially confidential data
SolutionUpgrade to version 2.0.8 or higher.