Description
Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAds allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in delete.php and (2) the error parameter in error.php.
Exploits (2)
exploitdb
WRITEUP
VERIFIED
by s3rv3r_hack3r · textwebappsphp
https://www.exploit-db.com/exploits/28503
exploitdb
WRITEUP
VERIFIED
by s3rv3r_hack3r · textwebappsphp
https://www.exploit-db.com/exploits/28502
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/445745/100/0/threaded
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/19932
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/1567
Scores
EPSS
0.0143
EPSS Percentile
80.7%
Details
Status
published
Products (1)
idevspot/textads
Published
Sep 13, 2006
Tracked Since
Feb 18, 2026