TUCoPS :: Web :: Apps :: b06-1664.htm

Calendarix "yearcal.php" XSS Attacking
Calendarix "yearcal.php" XSS Attacking
Calendarix "yearcal.php" XSS Attacking



Website : http://www.calendarix.com 

Vulnerable : 

if (!isset($_GET['ycyear']))
  $ycyear = $y ;
else
  $ycyear = $_GET['ycyear'];

http://www.site.com/[path]/yearcal.php?ycyear= 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH