davidcoeilat / phurl

Automatically exported from code.google.com/p/phurl
0 stars 0 forks source link

admin/index.php vulnerable to XSS #89

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Similar to this
http://code.google.com/p/phurl/issues/detail?id=69

But you need to have more than 25 URLs

if you visit (you must be logged in) 
http://site.com/phurl/admin/index.php/"><script>alert(1);</script>

It causes XSS

Original issue reported on code.google.com by itspa...@gmail.com on 26 Oct 2010 at 1:43

GoogleCodeExporter commented 9 years ago
Have you tried after enabling register globals? It works fine for me

Original comment by hcblahb...@gmail.com on 26 Oct 2010 at 7:44

GoogleCodeExporter commented 9 years ago
I tried enabling register globals, and it is still vulnerable.

Original comment by itspa...@gmail.com on 26 Oct 2010 at 7:47

GoogleCodeExporter commented 9 years ago
the only thing i think that could be it is magic_quotes_gpc is set to Off

But I tried just turning it on, and the example still works.

I would just run php_self thru htmlentities()

Just to be fine

Original comment by itspa...@gmail.com on 26 Oct 2010 at 8:00

GoogleCodeExporter commented 9 years ago

Original comment by hcblahb...@gmail.com on 26 Oct 2010 at 10:05

GoogleCodeExporter commented 9 years ago

Original comment by hcblahb...@gmail.com on 28 Oct 2010 at 12:12