[Aria-security] itcms 0.2 Cross-site Scripting (XSS) Jul 29 2007 04:05PM
h4ck3riran yahoo com

[Aria-Security]

# Tilte: itcms 0.2 Cross-site Scripting (XSS)
# <www.Aria-security.Com For English >
# <www.Aria-Security.net For Persian >
# < Author: You_You >
# < Software: itcms >
# < Site Script:http://sourceforge.net/projects/itcms/ >

proof Of Concept :

local/[path]/lang-en.php?wndtitle=[Xss-script]
local/[path]/menu-ed.php?wndtitle=[Xss-script]
local/[path]/titletext-ed.php?wndtitle=[Xss-script]

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus