Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Linksys Web Camera Cross-site Scripting Vuln
Jun 13 2004 02:06PM
Tyler Guenter aka scriptX (scriptX_ hotmail com)
Linksys Web Camera version 2.10 (only tested with 2.10) is vulnerable to a cross-site scripting vulnerability.
Example: http://www.host.com/main.cgi?next_file=poop<script>alert('scriptX :P');</script>
Linksys was not notified (I didnt notify them about the file inclusion vuln eit...
[ more ]
Copyright 2010, SecurityFocus