PHP Arena PAFileDB Rate File Cross-Site Scripting Vulnerability

The following proof-of-concept example was provided:

http://www.example.com/downloads/pafiledb.php?action=rate&id=4?"<script>alert('Testing')</script>"


 

Privacy Statement
Copyright 2010, SecurityFocus