Re: [Full-disclosure] [Bkis] sNews 1.7.1 XSS vulnerability

On Thu, May 12, 2011 at 09:59:16AM +0700, Bkis wrote: > 1. General Information > > sNews is a free content management system (CMS) written in PHP and MySQL. It > is available at http://snewscms.com/. In April 2011, Bkis Security discovered > an XSS (Cross-site Scripting) vulnerability in sNews C

[Full-disclosure] [Bkis] sNews 1.7.1 XSS vulnerability

1. General Information sNews is a free content management system (CMS) written in PHP and MySQL. It is available at http://snewscms.com/. In April 2011, Bkis Security discovered an XSS (Cross-site Scripting) vulnerability in sNews CMS version 1.7.1. Taking advantage of this vulnerability, hacke