Hi, there is a XSS vulnerability because of wrong validation of "cm" parameter.
Check it out: http://phpwebsite_1_7_3/index.php?module=filecabinet&cm=XSS_HERE&itn=icon&rf=0&fid=0&fr=1&ml=1&mw=60&mh=60&fud=0&ftype=1&fop=fm_folders&authkey=sialala
Log in to post a comment.
