Xampp 1.7.4 for Windows multiple Site Scripting Vulnerabilities

ID SSV:23127
Type seebug
Reporter Root
Modified 2011-10-27T00:00:00


No description provided by source.

$ Xampp 1.7.4 for Windows multiple Site Scripting Vulnerabilities 
$ Author : Sangteamtham 
$ Home : Hcegroup.net 
$ Download :http://www.apachefriends.org/en/xampp-windows.html 
$ Date :07/12/2011 
$ Twitter: http://twitter.com/Sangte_amtham

 XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. XAMPP is really 
 very easy to install and to use - just download, extract and start.
2. Patch:

 Jul 12, 2011: Contact to vendor.
 Jul 12, 2011: Vendor said that they would fix in next release
 Sep 21, 2011: Released XAMPP 1.7.7 
 Oct 27, 2011: Release the bug.

3. POC:



In adodb.php, we have a form to submit database information, but this form is not filer well. So web can submit the 
malicious codes. 


$ Greetz to: All Vietnamese hackers and Hackers out there researching for more security