Description
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) email parameter to add.php or (2) banurl parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Jedi/Sector One · textwebappsphp
https://www.exploit-db.com/exploits/21933
References (3)
Core 3
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5945
Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-10/0148.html
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10336.php
Scores
EPSS
0.0052
EPSS Percentile
67.0%
Details
Status
published
Products (1)
phprank/phprank
1.8
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026