Alkacon OpenCms "filePath" Cross-Site Scripting and File Disclosure

Alkacon OpenCms "filePath" Cross-Site Scripting and File Disclosure
BugsAlert Home > Alkacon OpenCms "filePath" Cross-Site Scripting and File Disclosure




nnposter has discovered some vulnerabilities in Alkacon OpenCms, which can be exploited by malicious users to disclose potentially sensitive information and malicious people to conduct cross-site scripting attacks. Be sure to check if your system is missing security updates or have insecure applications installed: http://secunia.com/software_inspector/ Feature Overview - The Secunia Software Inspector: * Detects insecure versions of applications installed * Verifies that all Microsoft patches are applied * Assists you in updating your system and applications * Runs through your browser. No installation or download is required. Original Source: http://secunia.com/advisories/29278/ Learn more about Alkacon OpenCms "filePath" Cross-Site Scripting and File Disclosure


Tags: alkacon opencms filepath cross-site scripting file disclosure

Related Items
CVE-2008-1976 (Drupal)
CVE-2008-4784 (aflog)
GWExtranet Script Injections & Privilege Escalation Vulnerability
Mandriva Security Update Fixes Opal Denial of Service Vulnerability
Vuln: Joomla! and Mambo MambAds Component 'ma_cat' Parameter SQL Injection Vulnerability
CVE-2008-4903 (typo)
CVE-2008-4714 (atomic_photo_album)