Posted by Jing Wang on Aug 01
PhotoPost PHP 4.8c Cookie Based Stored XSS (Cross-site Scripting) Web
Application 0-Day Bug
Exploit Title: PhotoPost PHP __utmz Cookie Stored XSS Web Security
Vulnerability
Product: PhotoPost PHP
Vendor: PhotoPost
Vulnerable Versions: 4.8c 4.8.6 4.8.5 4.8.2 3.1.1 vB3
Tested Version: 4.8c vB3
Advisory Publication: July 25, 2015
Latest Update: July 28, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference:
Impact CVSS Severity…