MidnightBSD

Advisories for yuri_d'elia

CVE-2010-0963 MEDIUM

Cross-site scripting (XSS) vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invalid ticket ID. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
yuri_d'elia dl 0.4
yuri_d'elia dl 0.2
yuri_d'elia dl 0.3
yuri_d'elia dl *
yuri_d'elia dl 0.5
yuri_d'elia dl 0.1