Vulnerabilities > CVE-2004-2363 - Unspecified vulnerability in PHPx
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN phpx
exploit available
Summary
Validate-Before-Canonicalize vulnerability in the checkURI function in functions.inc.php in PHPX 3.0 through 3.2.6 allows remote attackers to conduct cross-site scripting (XSS) attacks via hex-encoded tags, which bypass the check for literal "<", ">", "(", and ")" characters, as demonstrated using the limit parameter to forums.php and a variety of other vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | Phpx
| 20 |
Exploit-Db
description | PHPX 3.x Multiple Cross-Site Scripting Vulnerabilities. CVE-2004-2363. Webapps exploit for php platform |
id | EDB-ID:24083 |
last seen | 2016-02-02 |
modified | 2004-05-05 |
published | 2004-05-05 |
reporter | JeiAr |
source | https://www.exploit-db.com/download/24083/ |
title | PHPX 3.x - Multiple Cross-Site Scripting Vulnerabilities |