Exploit PostBoard 2.0 - Topic Title Script Execution

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
21403
Проверка EDB
  1. Пройдено
Автор
GCSB
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2002-0535
Дата публикации
2002-04-19
Код:
source: https://www.securityfocus.com/bid/4561/info

PostBoard is a freely available, open source message board module for the PostNuke content management system. It is designed for use on the Unix and Linux operating systems.

PostBoard does not adequately sanitize input by board users. Because of this, it is possible for users of the board to insert script code in message titles.

The following code is proof of concept:

<script>alert('give me cookies');</script>
 
Источник
www.exploit-db.com

Похожие темы