PHP Labs proFile Dir URI Variable Cross-Site Scripting Vulnerability

2005-04-20T00:00:00
ID EDB-ID:25468
Type exploitdb
Reporter sNKenjoi
Modified 2005-04-20T00:00:00

Description

PHP Labs proFile Dir URI Variable Cross-Site Scripting Vulnerability. CVE-2005-1233. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/13276/info

PHP Labs proFile is prone to a cross-site scripting vulnerability. As a result, attackers may embed hostile HTML and script code in a malicious link to the affected application. If the link is followed, the code may be rendered by the victim's browser in the context of the vulnerable site.

Exploitation could allow theft of cookie-based authentication credentials or other attacks. 

http://www.example.com/index.php?act=load&dir=[XSS]