PHCDownload search.php string Variable XSS

2007-12-28T00:00:00
ID OSVDB:40190
Type osvdb
Reporter OSVDB
Modified 2007-12-28T00:00:00

Description

Manual Testing Notes

http://[target]/phcdownload/search.php?string=[XSS-CODE]

References:

Secunia Advisory ID:28258 Related OSVDB ID: 40191 Other Advisory URL: http://lostmon.blogspot.com/2007/12/xss-flaw-posible-sql-injection-in.html CVE-2007-6669 Bugtraq ID: 27066