7 lines
No EOL
496 B
Text
7 lines
No EOL
496 B
Text
source: http://www.securityfocus.com/bid/13276/info
|
|
|
|
PHP Labs proFile is prone to a cross-site scripting vulnerability. As a result, attackers may embed hostile HTML and script code in a malicious link to the affected application. If the link is followed, the code may be rendered by the victim's browser in the context of the vulnerable site.
|
|
|
|
Exploitation could allow theft of cookie-based authentication credentials or other attacks.
|
|
|
|
http://www.example.com/index.php?act=load&dir=[XSS] |