phpWebSite XSS Vulnerability

From: Sp.IC (SpeedICNetat_private)
Date: Wed Oct 02 2002 - 14:59:08 PDT


    
    .:: phpWebSite XSS Vulnerability.
    
    A Cross-Site Scripting vulnerability was found in phpWebSite that would allow 
    attackers to inject script code into the page and execute it in the 
    client's browser as if it were provided by the site.
    
    • Vulnerable systems:
    
        - phpWebSite 0.8.3, maybe other versions.
    
    • Example:
    
    article.php?sid="><Img Src=javascript:alert(document.cookie)><Img Src="
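
The request above works when the sid value is written into the page without encoding. As an added example (not part of the original post and not phpWebSite's code), the PHP below shows that pattern beside a hardened form. The function names, the emitted markup and the assumption that sid is a numeric article id are all hypothetical.

```php
<?php
// Added example; NOT phpWebSite's code. The functions and markup here are
// hypothetical, standing in for any place article.php reflects the sid
// query parameter into an HTML attribute.

// Vulnerable pattern: the raw value lands inside a double-quoted attribute,
// so a value containing "> closes the attribute and the tag.
function render_article_link_unsafe(string $sid): string
{
    return '<a href="article.php?sid=' . $sid . '">Permalink</a>';
}

// Input validation (assumption: sid is a numeric article id).
// Allow-list digits only; anything else is rejected, not "cleaned".
function parse_sid($raw): ?int
{
    if (!is_string($raw) || !preg_match('/\A[0-9]{1,9}\z/', $raw)) {
        return null;
    }
    return (int) $raw;
}

// Hardened: validate first, then still encode for the output context so a
// later loosening of the validation cannot reopen the hole.
function render_article_link_safe($raw): string
{
    $sid = parse_sid($raw);
    if ($sid === null) {
        // Caller should also answer with HTTP 400 here.
        return '<p>Invalid article id.</p>';
    }
    $href = 'article.php?sid=' . rawurlencode((string) $sid);
    return '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . '">Permalink</a>';
}

// Sample input: the sid value from the advisory, plus a normal id.
$probe = '"><Img Src=javascript:alert(document.cookie)><Img Src="';
echo render_article_link_unsafe($probe), "\n"; // attribute is broken out of
echo render_article_link_safe($probe), "\n";   // rejected by parse_sid()
echo render_article_link_safe('42'), "\n";     // normal link is emitted
```

Validation alone covers only this one parameter; applying htmlspecialchars() with ENT_QUOTES at every point where request data is echoed is what closes the class of bug.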
    


