Description - XSS and User Data Corruption in PHP Event Calendar
Cross Site Scripting found in PHP Event Calendar script.
- Exploit
- Available
- Solution
- Not available - check Softcomplex website
Registered user has an ability to change his Username and Password.
Username and Password isn't sanitized before being written to users.php file. This can be used to make XSS attack or corrupt users data.
Order PHP Code Test made by eVuln
Prevent attacks by PHP code analysis of your website made by eVuln team.The order will be done by experts in web security.