BugTraq
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
CuteNews 1.3.6 XSS
Dec 01 2006 08:56PM
emulamex hotmail com
PHP Script: CuteNews 1.3.6
Class: XSS
Website: http://cutephp.com/cutenews
Found by: Detefix
dork: inurl:cutenews
-----
- Vulnerable Code:
<td align=center colspan=4 style='text-align:left;'>$result</td>
-----
- Exploit:
http://[target]/[path-to-cutenews]/?result=[XSS]
...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
Class: XSS
Website: http://cutephp.com/cutenews
Found by: Detefix
dork: inurl:cutenews
-----
- Vulnerable Code:
<td align=center colspan=4 style='text-align:left;'>$result</td>
-----
- Exploit:
http://[target]/[path-to-cutenews]/?result=[XSS]
...
[ more ]