- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 22725
- Проверка EDB
-
- Пройдено
- Автор
- MATTHEW MURPHY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2002-1954
- Дата публикации
- 2002-10-12
Код:
source: https://www.securityfocus.com/bid/7805/info
Scripts that include the PHP phpinfo() debugging function may be prone to cross-site scripting attacks. This could permit remote attackers to create a malicious link to a vulnerable PHP script that includes hostile client-side script code or HTML. If this link is visited, the attacker-supplied code may be rendered in the browser of the user who visit the malicious link.
http://www.example.com/info.php?variable=[code]
where [code] equals hostile HTML or script code.- Источник
- www.exploit-db.com
