183 matches found
XSS bug in php(Reactor)
Vulnerable systems: 1.2.7pl1 Exploit: forums/browse.php?fid=3&tid=46&go=scriptJavaScript:alert 'Hi';/script with out "" Solution: i thought this but i am not sure open browse.php and add this code in line 52: $go = HTMLSpecialChars$go; $go = PREGReplace"/A-Z&.;:!@$^''//i", "", $go;...
CVE-2002-0958
Cross-site scripting vulnerability in browse.php for PHPReactor 1.2.7 allows remote attackers to execute script as other users via the go parameter in the comments section...
[ARL02-A12] PHP(Reactor) Cross Site Scripting Vulnerability
+/---------------- ALPER Research Labs ------/--------/+ +/---------------- Security Advisory -----/---------/+ +/---------------- ID: ARL02-A12 ----/----------/+ +/---------------- [email protected] ---/-----------/+ Advisory Information -------------------- Name : phpReactor Cross Site Scripti...