|
|
Foojan PHPWeblog Html Injection Vulnerability
No exploit is required. Proof of concept code has been provided: in gmain.php: $Weblog-> query ("INSERT INTO `visits` ( `id` , `ip` , `refferer` , `date` , `time` )VALUES ('', '".$_SERVER['HTTP_USER_AGENT']."', '".$_SERVER['HTTP_REFERER']."', '$num', '$num2');"); |
|
Privacy Statement |