| More info |
I need help with , Skadate is script injection issues, using variables such as forum_ID=http://www.malware.com/document.zip, users are able to inject code
our site was infected with malware, we were told that SKADATE site has a XSS vulnerablitiies, below is the fix by NIST
Do you have a fix for this ?
http://web.nvd.nist.gov/...vulnId=CVE-2009-4699
We have to fix this..
Overview
Multiple cross-site scripting (XSS) vulnerabilities in SkaDate Dating allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/auth.php and (2) file_uploader.php.
Impact
CVSS Severity (version 2.0):
CVSS v2 Base Score:4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
CVSS Version 2 Metrics:
Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type:Allows unauthorized modification |
The Wall
I come to you through this way in search of something new. There is a lingering hope of Friendship, realness, open-mindedness and loyalty. I’m a single lady trying to meet someone genuine and passionate about life who stands with integrity and sincerity.
I’m an independent lady with great aspirations in life, the language of friendship is not words alone, but rather meanings. I hope you see meaning's in my short little note to you, I really would appreciate your friendship i will tell more about myself and also send you my picture for recognition, My email is (aishatu06117@yahoo.co.uk).
I wait your response.
Your's Sincerely,
Miss Aishatu.