Hey all,

You may have seen my earlier message about a current client whose site I've taken over maintenance on that is trying to get PCI Compliance from Security Metrics. I've put all the forms behind https and a couple of other things, but this one I don't know how to solve. I'll read up on cross site scripting, but could someone help me understand what they believe the vulnerability is in their notes below?


Possible cross site scripting on http://www.ranghart.com/index.php

Use the following commands to verify this: wp --inject

TCP http/https 4
                 curl -L

grep "123" This website may have other injection related vulnerabilities.

Skip Evans
Big Sky Penguin, LLC
503 S Baldwin St, #1
Madison WI 53703
Those of you who believe in
telekinesis, raise my hand.
 -- Kurt Vonnegut

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to