Exploit Fresh Guest Book 1.0/2.x - HTML Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
23890
Проверка EDB
  1. Пройдено
Автор
KOI8-R SHELZ
Тип уязвимости
WEBAPPS
Платформа
CGI
CVE
cve-2004-1867
Дата публикации
2004-03-29
Код:
source: https://www.securityfocus.com/bid/9995/info

It has been reported that Fresh Guest Book is prone to a remote HTML injection vulnerability. This issue is due to a failure of the application to properly sanitize user supplied form input.

An attacker may exploit the aforementioned vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks may also be possible. 

<script>alert('xss');</script>
 
Источник
www.exploit-db.com

Похожие темы