[27264] in bugtraq
phpWebSite XSS Vulnerability
daemon@ATHENA.MIT.EDU (Sp.IC)
Wed Oct 2 19:17:10 2002
Date: 2 Oct 2002 21:59:08 -0000
Message-ID: <20021002215908.22973.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: "Sp.IC" <SpeedICNet@Hotmail.Com>
To: bugtraq@securityfocus.com
.:: phpWebSite XSS Vulnerability.
A Cross-Site Scripting vulnerability was found in phpWebSite that would allow
attackers to inject script code into the page and execute it in the
client's browser as if it were provided by the site.
• Vulnerable systems:
- phpWebSite 0.8.3, maybe other versions.
• Example:
article.php?sid="><Img Src=javascript:alert(document.cookie)><Img Src="
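
The example value above begins with `">`, which closes a quoted HTML attribute and the tag around it. The sketch below is an added illustration, not phpWebSite source and not part of the original post, showing that output pattern beside a hardened form. The function names, the emitted markup, and the assumption that `sid` is a decimal article id are all hypothetical.

```php
<?php
// Added illustration; not phpWebSite source. Function names and the markup
// they emit are hypothetical.

// Unsafe pattern: the raw query value lands inside a quoted attribute, so a
// value starting with "> ends the attribute and the tag, and the rest of the
// value is parsed by the browser as new markup.
function render_link_unsafe(string $sid): string
{
    return '<a href="article.php?sid=' . $sid . '">Permalink</a>';
}

// Input validation: assume sid is a short decimal article id (assumption).
function parse_sid(string $raw): ?int
{
    if ($raw === '' || strlen($raw) > 9 || !ctype_digit($raw)) {
        return null;
    }
    return (int) $raw;
}

// Hardened pattern: reject anything that is not an id, and still encode for
// the HTML attribute context on output as a second layer.
function render_link_safe(string $raw): string
{
    $sid = parse_sid($raw);
    if ($sid === null) {
        return '<p>Invalid article id.</p>';
    }
    $href = 'article.php?sid=' . rawurlencode((string) $sid);
    return '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . '">Permalink</a>';
}

// Second sample is the value from the post; the first is a constructed id.
$samples = ['12', '"><Img Src=javascript:alert(document.cookie)><Img Src="'];
foreach ($samples as $raw) {
    echo 'unsafe: ', render_link_unsafe($raw), "\n";
    echo 'safe:   ', render_link_safe($raw), "\n";
}
```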