proFile from PHPLabs suffers from various cross site scripting vulnerabilities.
3754e2edde50de17943f81f2feee3d876e5cb83a49044f07554481ed45a472c7
http://www.snkenjoi.com/secadv/secadv7.txt
sNKenjoi's Security Advisory: XSS Vunerabilities in proFile
Security Advisory: XSS Vunerabilities in proFile
Severity: Medium
Title: XSS Vunerabilities in proFile
Vendor: PHPLabs
Vendor Website: http://phplabs.com/
Proof of Concept Exploits:
XSS
http://localhost/index.php?act=load&dir=[XSS]
http://localhost/index.php?act=delete&dir=&file=[XSS]
http://localhost/index.php?act=copy&dir=&file=[XSS]
http://localhost/index.php?act=rename&dir=&file=[XSS]
snkenjoi.com & zone-h.org
snkenjoi@gmail.com