Jump to content

XSS Vulnerability


Recommended Posts

Guest johnkolk
Posted

My Hosting company closed our website because of this? what is it? how do I fix it?

Any help would be great, I'm away fishing for 3 days in about 4 hours so I guess my site will be down for awhile?

See message from Host below

within http://www.adultparty.co.nz/includes/orderSuccess.inc.php

A few minutes ago our intrusion detection systems informed us that an attacker

had exploited an XSS (cross site scripting) vulnerability within the web site

of yours.

The problem appears to be insufficient sanity checking on the variable $glob

within the file orderSuccess.inc.php. We've had to disable the web site and ask

that you correct the problem. Once done, please let us know and we'll re-enable

the web site.

Thanks.

--

iSERVE Security & Abuse

Posted

update to 3.0.7pl1 as there was a vunrability in all other versions...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...