filtered wrote:
On Wed, Mar 11, 2009 at 13:44, Jochem Maas <jochem@xxxxxxxxxxxxx> wrote:
filtered schreef:
Hi,
we have script containing
<? echo $_GET['studio'] ?>
let say I do:
example.com/yourscript.php?studio=<script type="text/javascript">alert('I am an evil haxor');</script>
excusing the fact that the query is not urlencoded, what happens on your site
(replace domain and script name to match your site/script)
Ok, but I don't see how this code could be used to attack the local
php/web-server
reflected attack.
Someone puts that as the image source on some website they trick a
legitimate user in going to (IE - click here to see latest brittany
spears scandal !!!) - their browser tries to load the image, instead
calling your page with the XSS attack thus allowing the cracker to read
any cookies the user has from your domain which can then allow the
cracker to impersonate the user via session ID.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
