BugTraq
Back to list
|
Post reply
Re: [KAPDA::#27] - Runcms 1.x Cross_Site_Scripting vulnerability
Mar 01 2006 11:56PM
roozbeh_afrasiabi yahoo com
[ADDITIONS AND CORRECTIONS]
Detail and PoC :
--------------------
The application does not validate the "lid" variable upon submission to ratelink.php(*) and ratefile.php.
h**p://[target]/public/modules/mylinks/ratelink.php?lid={number}">[code]
h**p://[target]/public/modules/downloads/ratefile.php?lid={number}">[cod
e]
--------------------
(*)ratelink.php was later found to be vulnerable too.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Detail and PoC :
--------------------
The application does not validate the "lid" variable upon submission to ratelink.php(*) and ratefile.php.
h**p://[target]/public/modules/mylinks/ratelink.php?lid={number}">[code]
h**p://[target]/public/modules/downloads/ratefile.php?lid={number}">[cod
e]
--------------------
(*)ratelink.php was later found to be vulnerable too.
[ reply ]