The Hacker News Logo
Subscribe to Newsletter

Exploit Release : XAMPP 1.7.3 multiple Vulnerabilities

Exploit Title: XAMPP <= 1.7.3 multiple vulnerabilites
Author: TheLeader
Software Link: http://www.apachefriends.org/en/xampp-windows.html
Affected Version: 1.7.3 and prior
Tested on Windows XP Hebrew, Service Pack 3
http://images.tblog.com/user_images/1213841656_kinghavoc.gif
I. File disclosure : XAMPP is vulnerable to a remote file disclosure attack.
The vulnerability exists within the web application supplied with XAMPP.
II. Cross Site Scripting : It is interesting to see the same programming error lead to another security vulnerability.Some PHP scripts in the XAMPP dir rely on $_SERVER['PHP_SELF'] for retrieving the "action" tag for HTML forms.This can be exploited to perform Cross Site Scripting attacks.
Exploit Link : http://inj3ct0r.com/exploits/14686

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.