#**********************************************************
# Exploit Title: Xampp 1.7.3 XSS multiple vulnerabilities
# Date: 11/06/2010
# Author: Sangteamtham
# Software Link: http://www.apachefriends.org/en/xampp.html
# Version: 1.7.3
# Tested on: Windows 7
# Email: Sangteamtham@gmail.com
# Blog: http://sangte.blogspot.com/
# Homepage: http://hcegroup.net/hceteam
#***********************************************************
1.Description:
XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. XAMPP is really very easy to install and to use - just download, extract and start.
2. Vulnerabilities:
http://paste2.org/p/1075584
3. Poc:
4. Patch:
Vender should filter the special characters when input the form.
Clients should set password access to xampp folder.
5. Credits:
Thanks flying to Vietnamese hackers and all hackers out there researching for more security.
*************************************************************
No comments:
Post a Comment