Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

phpPGAds/phpAdNew < 2.0.8 Multiple Injection Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to HTML Injection and Cross-Site Scripting attacks.

Description

There is a flaw in the remote phpAdNew/phpPgAds PHP Ads server, a banner management and tracking system written in PHP. This version of phpAdNew is vulnerable to an HTML injection and a Cross-Site Scripting (XSS) flaw. An attacker exploiting these flaws would be able to gain access to potentially confidential data

Solution

Upgrade to version 2.0.8 or higher.