[] NeoSense
E X P L O I T S
title author type platform port cve id

PHP Labs - '.proFile' File URI Cross-Site Scripting

Author: sNKenjoi
type: webapps
platform: php
port: 
date_added: 2005-04-20 
date_updated: 2013-05-16 
verified: 1 
codes: CVE-2005-1233;OSVDB-15697 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/13282/info

PHP Labs proFile is prone to a cross-site scripting vulnerability. As a result, attackers may embed hostile HTML and script code in a malicious link to the affected application. If the link is followed, the code may be rendered by the victim's browser in the context of the vulnerable site.

Exploitation could allow theft of cookie-based authentication credentials or other attacks.

http://www.example.com/index.php?act=delete&dir=&file=[XSS]
http://www.example.com/index.php?act=copy&dir=&file=[XSS]
http://www.example.com/index.php?act=rename&dir=&file=[XSS]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.