• info
• discussion
• exploit
• solution
• references

Uebimiau Error.PHP Multiple Input Validation Vulnerabilities

An attacker can use a browser to exploit these issues. To exploit a cross-site scripting vulnerability, the attacker must entice an unsuspecting victim into following a malicious URI.

The following proof-of-concept URIs are available:

http://www.example.com/error.php?f_pass=blackybr&sess[auth]=1&selected_theme=../ksuri.php%00

• /data/vulnerabilities/exploits/24210.html