info
discussion
exploit
solution
references
Zomplog Detail.PHP HTML Injection Vulnerability
No exploit is required.
An example has been provided:
put <script>alert('test')</script> in http://localhost/zomplog/detail.php?id=1#comments
Privacy Statement
Copyright 2010, SecurityFocus
