Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

xss in php koala script v1.2
From: shieldmaiden333 () aol com
Date: Fri, 14 Oct 2005 18:11:48 -0400

xss
/info.php?user=<xss>
 
and an upload vulnerability if you upload a file named file.gif.php
/upload/file.gif.php?cmd=ls
 
file.gif.php is attached

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • xss in php koala script v1.2 shieldmaiden333 (Oct 14)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]