当前位置: 首页 > 工具软件 > ATutor > 使用案例 >

ATutor Multiple XSS Vulnerabilities

洪光霁
2023-12-01
ATutor is "a web based education portal". Multiple cross site scripting vulnerabilities have been discovered in the ATutor program allowing a remote attacker to embed arbitrary HTML and/or JavaScript into the web site displayed by the product.

Credit:
The information has been provided by h4cky0u.[@more@]

Vulnerable Systems:
* ATutor version 1.5.1

Proof of Concepts:
The following URLs can be used to trigger the vulnerabilities:
http://localhost/tour/login.php?course=">>

http://localhost/tour/search.php?search=1&search=1 &words=">&include=all&find_in=all&display_as=pages

By matrix_killer');&include=all&find_in=all&display_as=pages&submit=Search

来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/83980/viewspace-804885/,如需转载,请注明出处,否则将追究法律责任。

转载于:http://blog.itpub.net/83980/viewspace-804885/

 类似资料:

相关阅读

相关文章

相关问答