Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12855
HistoryMay 27, 2006 - 12:00 a.m.

PHPSimple Choose v0.3

2006-05-2700:00:00
vulners.com
13
JSON

PHPSimple Choose v0.3

Homepage:

http://phpsimplechoose.sourceforge.net
Description:

Do you need to add some fun to your site? Look no further. With PHPSimpleChoose you can let your
users input terms and have one randomly choosen. Every bit of text is changeable, and we are working
on allowing you to choose how many text boxes there are. We have also intergrated many <span> elements
to allow CSS customization.

Effected files:

Input forms on PHPSimpleChoose

The input forms don't sanatize user input before dynamically generating it. This could cause users to
insert malicious data.

Proof of concept:

Try entering [IMG SRC=javascript:alert('XSS')] in the input boxes.

JSON