one of my friends find an XSS problem in CNR search page
i test it here
http://english.cutenews.ru/cuteru/examp ... Cxxx%20%22
look after it
thx
see ya
xss exploit in cnr
3 posts
• Page 1 of 1
xss exploit in cnr
by MiNi.SpIdEr » Thu Jul 23, 2009 7:45 am
HI every body
one of my friends find an XSS problem in CNR search page
i test it here
http://english.cutenews.ru/cuteru/examp ... Cxxx%20%22
look after it
thx
see ya
one of my friends find an XSS problem in CNR search page
i test it here
http://english.cutenews.ru/cuteru/examp ... Cxxx%20%22
look after it
thx
see ya
- MiNi.SpIdEr
- Posts: 78
- Joined: Tue Jan 22, 2008 6:30 pm
by Chaser » Thu Jul 23, 2009 6:32 pm
In search.php move the line 55 "$search = htmlspecialchars($search);" to the top of the page.
- Code: Select all
<?
include_once 'head.php';
$search = htmlspecialchars($search);
$sday[] = '';
...
-
Chaser - Posts: 72
- Joined: Tue Feb 17, 2009 7:26 pm
3 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 0 guests