Sunday, May 2, 2010

PHP website XSS Defacement

Cross-site scripting , html injection and redirect on and

Screenshots and proff of concept

Redirect from php site to google POC and XSS

Sample xss alert on

And now what about ?

Shame! :( nothing more...

This bug has been fixed in SVN. Since the websites are not directly
updated from the SVN server, the fix might need some time to spread
across the globe to all mirror sites, including itself.

Thank you for the report, and for helping us make better.