filtered schreef: > Hi, > > we have script containing > > <? echo $_GET['studio'] ?> let say I do: example.com/yourscript.php?studio=<script type="text/javascript">alert('I am an evil haxor');</script> excusing the fact that the query is not urlencoded, what happens on your site (replace domain and script name to match your site/script) > > and > > <? > $cam = $_GET['cam']; > > if ($cam == '1') { > echo '<img src="http://example.com"" />'; > } if ($_GET['cam'] === '1') echo '<img src="http://example.com" />'; no need to create the $cam var, and a little better to check for the exact value+type (===) > ?> > > Is this code prone to XSS attacks or for attacking the local webserver > and if so, how? > > $cam isn't used anywhere else. > > -a > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php