TUCoPS :: Web :: PHP :: b06-4918.htm

PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.
PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.
PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.



##################################################=0D
description :=0D
-------------=0D
PHP Invoice designed to automate your entire account, order, billing, ticket system needs. From displaying your sales content, to ordering, PHP Invoice will handle all your billing and authentication requirements with speed and ease.=0D
No Matter Webmaster, Web Designer, Business Owner, Web Hosting Company or even Developer, All you need is PHP Invoice.=0D
=0D
venedor :=0D
---------=0D
http://www.phpinvoice.com=0D 
=0D
Exploite :=0D
----------=0D
http://www.example.com/[path]/home.php?msg=Successfully%20updated&alert=[xss]=0D 
=0D
This may allow an attacker to steal cookie-based authentication credentials .=0D
=0D
----------------------------=0D
Discoverd by :=0D
--------------=0D
meto5757=0D
----------------------------=0D
Greets :=0D
--------=0D
Mesho & Basiony , KaRim (koko) , all my friends .=0D
----------------------------=0D

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH