[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Aria-security] itcms 0.2 Cross-site Scripting (XSS)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [Aria-security] itcms 0.2 Cross-site Scripting (XSS)
From: h4ck3riran@xxxxxxxxx
Date: 29 Jul 2007 16:05:23 -0000

[Aria-Security]


# Tilte: itcms 0.2 Cross-site Scripting (XSS)
# <www.Aria-security.Com For English >
# <www.Aria-Security.net For Persian >
# < Author: You_You >
# < Software: itcms >
# < Site Script:http://sourceforge.net/projects/itcms/ >

proof Of Concept :


local/[path]/lang-en.php?wndtitle=[Xss-script]
local/[path]/menu-ed.php?wndtitle=[Xss-script]
local/[path]/titletext-ed.php?wndtitle=[Xss-script]

Prev by Date: [ GLSA 200707-14 ] tcpdump: Integer overflow
Next by Date: E-commerceScripts ALL Apps (Auction Script, Shopping Cart Script and Multi-Vendor E-Shop Script) admin.aspx SQL
Previous by thread: [ GLSA 200707-14 ] tcpdump: Integer overflow
Next by thread: E-commerceScripts ALL Apps (Auction Script, Shopping Cart Script and Multi-Vendor E-Shop Script) admin.aspx SQL
Index(es):
- Date
- Thread