Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

phpMyDirectory < 10.1.6 review.php Multiple Parameter XSS



The remote host is vulnerable to a Cross-Site Scripting (XSS) attack.


The version of phpMyDirectory installed on the remote host suffers from multiple cross-site scripting vulnerabilities due to its failure to sanitize user-input to its 'review.php' script through various parameters. A remote attacker can exploit these flaws to steal cookie-based authentication credentials and perform other such attacks.


Upgrade to a version of phpMyDirectory greater than 10.1.6 when it becomes available.