[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

InselPhoto 1.1 Persistent XSS Vulnerability

Author
rAWjAW
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4853
Category
web applications
Date add
16-02-2009
Platform
unsorted
===========================================
InselPhoto 1.1 Persistent XSS Vulnerability
===========================================


###########################################################
# Software: InselPhoto v1.1 Persistent XSS Vulnerability  #
# Discovered by: Paul Hand aka rAWjAW                     #
###########################################################

For this Persistent XSS to work you have to:
1. Create a user account
2. Create an album
3. Upload any picture to the photo album you created and put as the description something such as: <script>alert(document.cookie)</script>
4. Now have anyone view your slideshow!



#  0day.today [2024-12-24]  #