# Exploit Title: BlogPHP v2 - XSS
# Author: Paul Maaouchy( Paulzz )
# Software Link: http://sourceforge.net/projects/blogphpscript/files/blogphpscript/2.0/BlogPHPv2.zip/download
# Version: v2
How to exploit:

1- Go to http://www.2cto.com/blogphp/register.html.
2- Put the XSS code in the Username field. Example: <META http-equiv="refresh" content="0;URL=http://www.2cto.com">
3- Put anything in the other fields (Password & E-mail).
4- Now anyone who goes to http://www.2cto.com/blogphp/members.html will be redirected to google.com or will run your XSS code.

Paul Maaouchy ( Paulzz )
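
One way to close this hole, as an added example that is not BlogPHP's own code or the author's: restrict the username at registration and HTML-encode it when the members page renders it. The function names and the username policy are assumptions made for illustration.

```php
<?php
// Added example, not BlogPHP code. All function names here are hypothetical.

// Registration-side check: accept only a conservative username alphabet
// (assumed policy: 3-32 characters from letters, digits, '_', '.', '-').
function is_valid_username(string $name): bool
{
    return preg_match('/\A[A-Za-z0-9_.-]{3,32}\z/', $name) === 1;
}

// Vulnerable pattern: the stored value is written into the page unchanged,
// so any markup saved in the Username field becomes part of the HTML.
function render_member_unsafe(string $name): string
{
    return "<li>" . $name . "</li>";
}

// Hardened pattern: encode for the HTML context at output time, so rows
// stored before the registration check existed are also neutralised.
function render_member_safe(string $name): string
{
    $encoded = htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "<li>" . $encoded . "</li>";
}

// Constructed sample data: one ordinary name and the example value
// from step 2 above.
$stored = [
    'alice',
    '<META http-equiv="refresh" content="0;URL=http://www.2cto.com">',
];

foreach ($stored as $name) {
    printf("accepted at registration: %s\n", is_valid_username($name) ? 'yes' : 'no');
    printf("unsafe render: %s\n", render_member_unsafe($name));
    printf("safe render:   %s\n\n", render_member_safe($name));
}
```

Output encoding is the control that matters here because the members page displays data already in the database; the registration check only reduces what can be stored from now on.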