Description
Note: the vendor has disputed this issue. Multiple cross-site scripting (XSS) vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to inject arbitrary web script or HTML via the (1) c or (2) m parameters to index.php or (3) w parameter to journal.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected.
Exploits (2)
References (4)
Core 4
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=112456235729717&w=2
Exploit vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1014747
Various Sources x_refsource_misc
http://www.neocrome.net
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/14619
Scores
EPSS
0.0094
EPSS Percentile
76.3%
Details
Status
published
Products (1)
neocrome/land_down_under
800
Published
Aug 23, 2005
Tracked Since
Feb 18, 2026