SECURITYVULNS:DOC:27988
Apr 23, 2012 - 12:00 a.m.

phpMyBible 0.5.1 Multiple XSS


Exploit Title: phpMyBible 0.5.1 Multiple XSS

Date: 04/15/12

Author: G13

Twitter: @g13net

Software: http://sourceforge.net/projects/phpmybible/?source=directory

Version: 0.5.1

Category: webapps (php)

Description

phpMyBible is an online collaborative project to make an e-book of the
Holy Bible in as many languages as possible. phpMyBible is designed
to be flexible for all readers while maintaining the authenticity and
originality of the Holy Bible scripture.

Vulnerability

phpMyBible has multiple XSS vulnerabilities.

When reading a section of the Bible, both the 'version' and 'chapter'
variables are prone to reflected XSS.
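
One way to close the reflection described above, as an added example that is not phpMyBible's own code: validate the `book`, `version` and `chapter` query parameters before use and HTML-encode anything echoed back. The function names and the assumed parameter formats (integer book and chapter, short alphanumeric version identifier) are hypothetical.

```php
<?php
// Added example, not phpMyBible source. Assumed formats (hypothetical):
// book/chapter are positive integers, version is a short identifier.

/** Return a positive integer from the query string, or null if malformed. */
function read_int_param(array $query, string $name, int $max = 1000): ?int
{
    $value = filter_var($query[$name] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => $max]]);
    return $value === false ? null : $value;
}

/** Return a version identifier such as "kjv", or null if malformed. */
function read_version_param(array $query): ?string
{
    $value = $query['version'] ?? null;
    if (!is_string($value) || preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $value) !== 1) {
        return null;
    }
    return $value;
}

/** Encode for HTML text and quoted-attribute contexts. */
function e(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_heading(array $query): string
{
    $book = read_int_param($query, 'book');
    $chapter = read_int_param($query, 'chapter');
    $version = read_version_param($query);
    if ($book === null || $chapter === null || $version === null) {
        http_response_code(400);
        return '<p>Invalid book, version or chapter.</p>';
    }
    // Encode at output even after validation, so a later loosening of the
    // validators does not reopen the reflection.
    return sprintf('<h2 data-version="%s">Book %d, chapter %d (%s)</h2>',
        e($version), $book, $chapter, e($version));
}

// Constructed sample inputs: one well-formed, one carrying markup.
$samples = [
    ['book' => '1', 'version' => 'kjv', 'chapter' => '3'],
    ['book' => '1', 'version' => '<b>x</b>', 'chapter' => '3"'],
];
foreach ($samples as $q) { echo render_heading($q), PHP_EOL; }
```

The second sample is rejected with a 400 response instead of being echoed, and the first renders with both values encoded for the attribute and text contexts.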

Exploit

http://localhost/index.php?book=1&version=[XSS]&chapter=[XSS]

Vendor Notification

04/15/12 - Vendor Notified
04/22/12 - No response, disclos