TUCoPS :: Web :: PHP :: bx1157.htm

PHP iCalendar <= 2.24 - Cross-Site Scripting Vulnerability
PHP iCalendar <= 2.24 - Cross-Site Scripting Vulnerability
PHP iCalendar <= 2.24 - Cross-Site Scripting Vulnerability


# PHP iCalendar <= 2.24 - Cross-Site Scripting Vulnerability=0D
# Download:=0D
# http://phpicalendar.net/=0D 
# Bug found by Jose Luis G=F3ngora Fern=E1ndez / JosS=0D
# Contact: sys-project[at]hotmail.com=0D
# Spanish Hackers Team / Sys - Project=0D
# www.spanish-hackers.com=0D 
# /server irc.freenode.net /join #fullsecure=0D
# d0rk: "Powered by PHP iCalendar"=0D
=0D
[*] Exploit In (XSS):=0D
=0D
events/calview/week.php?cal=&getdate=[XSS]=0D
month.php?cal=&getdate=[XSS]=0D
year.php?cal=&getdate=[XSS]=0D
=0D
[*] Cross Siting Scripting (Code):=0D
=0D
">=0D
=0D
 //---------------------------------------\\=0D
=0D
Greetz To: All Hackers=0D
Jose Luis G=F3ngora Fern=E1ndez / JosS!

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH