Skip to content
This repository has been archived by the owner on Mar 2, 2019. It is now read-only.

XSS Vulnerability in /readfile.php #21

Open
viccon opened this issue May 9, 2017 · 0 comments
Open

XSS Vulnerability in /readfile.php #21

viccon opened this issue May 9, 2017 · 0 comments

Comments

@viccon
Copy link

viccon commented May 9, 2017

How to reproduce:

  1. Upload poc.html to your disk.
    poc.html
    <script>alert(1)</script>
  2. Make poc.html public.
  3. Get the link to poc.html, eg.
    http://localhost/readfile.php/poc.html?id=1966eed0e8227328b9007838f43185ff694578ad&password=7dced87b7273eb62c3832e0cc07eb857e93f083b
  4. XSS would be triggered once user visit the link above.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant