Bugtraq mailing list archives
PHP Code Snippet Library Multiple Cross-Site Scripting (XSS) Vulnerabilities
From: Nikyt0x Argentina <nikyt0x () hotmail com>
Date: 24 Aug 2004 22:04:46 -0000
[Nikkyt0x Advisory] #0000-0001 [PHP Code Snippet Library Multiple Cross-Site Scripting (XSS) Vulnerabilities] Software: PHP Code Snippet Library Vendor: http://www.php-csl.com/ Date: 24/08/2004 Author: Nikyt0x [ nikyt0x () hotmail com ] Site: http://nikyt0x.webcindario.com Advisory URL: http://nikyt0x.webcindario.com/0001.txt Vamos Argentina ! [ Description ] It was designed to help PHP programmers store commonly used code in a central repository. Code can be stored in categories for easy managment. [ Vulnerability ] PHP Code Snippet Library not have html filters in:
cat_select show
[ Proof of concept ] http://localhost/[path]/index.php?cat_select=[XSS] http://localhost/[path]/index.php?cat_select=[XSS]&show=[XSS] Example: http://nikyt0x.webcindario.com/1.jpg
Current thread:
- PHP Code Snippet Library Multiple Cross-Site Scripting (XSS) Vulnerabilities Nikyt0x Argentina (Aug 24)