• info
• discussion
• exploit
• solution
• references

DCP Portal Multiple Input Validation Vulnerabilities

An exploit is not required.

Example URI have been provided:

http://www.example.com/calendar.php?show=full_month&s=1&submit=GO&day=[XSS]

http://www.example.com/search.php post this code <script>alert('night_warrior');</script>