Exploit Ultimate PHP Board Board 1.0 final Beta - 'viewtopic.php' Cross-Site Scripting

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
22076
Проверка EDB
  1. Пройдено
Автор
EURONYMOUS
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2002-11-08
Код:
source: https://www.securityfocus.com/bid/6335/info

Ultimate PHP Board (UPB) is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems.

By passing a malicious script code to the viewtopic.php script, UPB may return the script code to the browser of the user visiting the malicious URL. This could lead to the execution of HTML and script code in the security context of the UPB site.

http://example.com/phorum/viewtopic.php?id=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E&t_id=2
 
Источник
www.exploit-db.com

Похожие темы