Closed webbird closed 9 years ago
I have checked all but the response splitting. The XSS examples require that the user is already logged in in the backend; he will be forwarded to the login page otherwise. The given data will be dropped in that case.
I found the XSS problem in ./modules/admin.php and added a quite simple fix.
The HTTP Response Splitting problem does only occur with PHP versions below 5.1. As WB requires 5.3, we can handle this as "fixed".
See
https://www.exploit-db.com/exploits/35277/
--- QUOTE ---
SQL Injection:
Cross-Site Scripting GET:
HTTP RESPONSE SPLITTING:
If you enter a valid user and password, you can inject on the headers malicious code, example.