MyBlogs Version 0.72

Пассивная XSS

\e107_plugins\myblog_menu\myblog.php

Result: http://localhost/e107_plugins/myblog_menu/myblog.php?a=profile&s=newpost

Text:

Caption:

Tags:

Активная xss

site.ru/e107_plugins/myblog_menu/myblog.php?a=tag

Search on tagwords:">alert()

​