VULHUB ™

Recherche is a search application which is designed to be implemented in web sites. Recherche is maintained by PHP Gratuit. Recherche does not filter script code from URL parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a malicious link to the 'add.php3' script. Such a malicious link might be included in a HTML e-mail or on a malicious webpage. This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users of a website running Recherche .

Recherche is a search application which is designed to be implemented in web sites. Recherche is maintained by PHP Gratuit. Recherche does not filter script code from URL parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a malicious link to the 'add.php3' script. Such a malicious link might be included in a HTML e-mail or on a malicious webpage. This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users of a website running Recherche .