new XSS vulnerability in php-stats -tracking.php Sep 14 2007 11:07AM
root hanicker it
I found a new xss in php-stats 0.1.9.2

http://phpstats.net/

http://www.example.com/php-stats-path/tracking.php?what=online&ip=[XSS]

Stats must have public access for this (difference from whois.php XSS).

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus