MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security Vulnerabilities

Computer & Web Vulnerabilities

18hyfk3t3yfo7jpg

MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security Vulnerabilities

Exploit Title: MT.VERNON MEDIA Web-Design v1.12 “gallery.php?" &category parameter HTML Injection Security Vulnerabilities

Product: Web-Design v1.12

Vendor: MT.VERNON MEDIA

Vulnerable Versions: v1.12

Tested Version: v1.12

Advisory Publication: May 08, 2015

Latest Update: May 08, 2015

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Writer and Reporter: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

Proposition Details:

(1) Vendor & Product Description:

Vendor:

MT.VERNON MEDIA

Product & Vulnerable Versions:

Web-Design

v1.12

Vendor URL & Download:

MT.VERNON MEDIA can be obtained from here,

http://www.mtvernonmedia.com/services/WebDesign.html

Google Dork:

“developed by: Mt. Vernon Media"

Product Introduction Overview:

“In today’s economy every business is more focused on ROI (Return On Investment) than ever before. We’ll help you ensure a solid ROI for your website…

View original post 詳見內文:約396字