hello 3APA3A schrieb: > Hello mopb, > > phpinfo() crossite scripting > > http://www.php-security.org/MOPB/MOPB-08-2007.html > > was initially(?) reported in 2003 by Silent Needle > > http://securityvulns.com/docs4647.html > Well technically it is a different XSS vulnerability. The one by silent needle obviously affected string variable output. The XSS in MOPB affects only array variable output.
Stefan Esser _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
