Cross-site Scripting Vulnerabilities in eSyndiCat Directory by eSyndiCat
CVE-2008-6924

Currently unrated

Key Information:

Vendor: Intelliants
Status: Esyndicat
Vendor: CVE Published:; 10 August 2009

🔔 Create Intelliants Vulnerability Alert

What is CVE-2008-6924?

The eSyndiCat Directory 2.2 version is susceptible to multiple cross-site scripting (XSS) vulnerabilities in its register.php file. An attacker can exploit these flaws by injecting malicious web scripts or HTML through various user input fields, including username, email, password, confirmation password, security code, and registration parameters. This could potentially lead to unauthorized actions and data exposure, making it crucial for users to implement security measures against such exploitation.

References

http://packetstorm.linuxsecurity.com/0807-exploits/esyndi...

x_refsource_MISC

http://www.osvdb.org/46908

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/43715

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 10, 2009
Vulnerability Reserved
Aug 10, 2009