Exploit e107 0.7.5 - 'Subject' HTML Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
28078
Проверка EDB
  1. Пройдено
Автор
ELLIPSIS SECURITY
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2006-3259
Дата публикации
2006-06-21
Код:
source: https://www.securityfocus.com/bid/18560/info

The e107 CMS is prone to an HTML-injection vulnerability.

An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site when the inserted data is viewed.

In Submit comment:
Subject: '><script>alert(/XSS/)</script>
 
Источник
www.exploit-db.com

Похожие темы