phppgadmin-xss.txt

------=Part257544061665.1180272607070 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Synopsis: Multiple XSS Vulnerabilities Introduction: phpPgAdmin is a web-based administration tool for PostgreSQL. Details: phpPgAdmin...

[Full-disclosure] Apache/PHP REQUEST_METHOD XSS Vulnerability

There exist a flaw in a way how Apache and php combination handle the $SERVER array. If the programmer writes scrip like this: ?php echo $SERVER'REQUESTMETHOD'; ? He will assume that REQUESTMETHOD can only by: GET,POST,OPTIONS,TRACE and all that stuff. However this is not true, since Apache accep...