• info
• discussion
• exploit
• solution
• references

MyKazaam Notes Management System 'notes.php' SQL Injection and Cross Site Scripting Vulnerabilities

An attacker can exploit these issues via a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.