• info
• discussion
• exploit
• solution
• references

Arab IT ArabPortal System Cross-Site Scripting Vulnerability

An exploit is not required.

Example URI have been provided:

http://www.example.com/online.php?&title=D3vil-0x1</title><XSS>CODE</XSS>
http://www.example.com/download.php?action=byuser&userid=1&title=D3vil-0x1</title><XSS>CODE</XSS>