[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bractus SunTrack Multiple XSS

To: bugtraq <bugtraq@xxxxxxxxxxxxxxxxx>, fd <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Bractus SunTrack Multiple XSS
From: Bugs NotHugs <bugsnothugs@xxxxxxxxx>
Date: Tue, 3 Nov 2009 17:21:11 -0700

Vendor: Bractus (http://bract.us)
Product: SunTrack (http://bract.us/demo/login.jsp)

Multiple stored XSS vulnerabilities exist in the Bractus SunTrack
courier software suite.

Affected scripts:
newprofile.html (title parameter)
signup/signup.html (firstname, lastname, company parameter)
contact.html (firstname, lastname, address[0].street1 parameter)

-- 

BugsNotHugs
Shared Vulnerability Disclosure Account

Prev by Date: Secunia Research: IBM Tivoli Storage Manager CAD Service Buffer Overflow
Next by Date: Re: /proc filesystem allows bypassing directory permissions on
Previous by thread: Secunia Research: IBM Tivoli Storage Manager CAD Service Buffer Overflow
Next by thread: [security bulletin] HPSBUX02355 SSRT080023 rev.2 - HP-UX Using libc, Remote Denial of Service (DoS)
Index(es):
- Date
- Thread