Ultimate PHP Board Board 1.0 final Beta – ‘viewtopic.php’ Cross-Site Scripting

14次阅读
没有评论

Ultimate PHP Board Board 1.0 final Beta – ‘viewtopic.php’ Cross-Site Scripting

漏洞ID 1053635 漏洞类型
发布时间 2002-11-08 更新时间 2002-11-08
Ultimate PHP Board Board 1.0 final Beta - 'viewtopic.php' Cross-Site ScriptingCVE编号 N/A
Ultimate PHP Board Board 1.0 final Beta - 'viewtopic.php' Cross-Site ScriptingCNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22076
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/6335/info

Ultimate PHP Board (UPB) is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems.

By passing a malicious script code to the viewtopic.php script, UPB may return the script code to the browser of the user visiting the malicious URL. This could lead to the execution of HTML and script code in the security context of the UPB site.

http://example.com/phorum/viewtopic.php?id=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E&t_id=2

相关推荐: Multiple Vendor WEB-INF Directory Contents Disclosure Vulnerability

Multiple Vendor WEB-INF Directory Contents Disclosure Vulnerability 漏洞ID 1101820 漏洞类型 Access Validation Error 发布时间 2002-06-28 更新时间…

正文完
 0