PhotoStore Multiple Cross-Site Scripting Vulnerabilities

2006-09-26T00:00:00
ID SECURITYVULNS:DOC:14415
Type securityvulns
Reporter Securityvulns
Modified 2006-09-26T00:00:00

Description

PhotoStore Multiple Cross-Site Scripting Vulnerabilities

site : http://www.ktools.net/photostore/

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other attacks.

Exploite :

http://www.example.net/[path]/details.php?gid=[xss] http://www.example.net/[path]/view_photog.php?photogid=[xss]


Discoverd by : meto5757 of rootshell security group


greets : Ironfist , sverde1 , Dr.Viru$ , craziest (miss u!) & all my friends :)