ComputerOil Redakto CMS Multiple Cross-Site Scripting Vulnerabilities

No exploit is required.

Example URI have been provided that demonstrate the exploitation of these issues:
http://www.example.com/index.tpl?iid=[XSS]
http://www.example.com/index.tpl?iid=l3a1b3〈=[XSS]
http://www.example.com/index.tpl?iid=l3a1b3〈=1&iid2=[XSS]
http://www.example.com/index.tpl?iid=l3a1b3〈=1&iid2=3&r=[XSS]
http://www.example.com/index.tpl?iid=l093a1b1〈=1&iid2=[iid2]&r=[r]&cart=[XSS]
http://www.example.com/index.tpl?iid=l093a1b1〈=1&iid2=[iid2]&r=[r]&cart=11351542306899006&str=[XSS]
http://www.example.com/index.tpl?a=search_adv&cart=11351544339319101〈=1&iid=13&nf=[XSS]
http://www.example.com/index.tpl?a=[XSS]


 

Privacy Statement
Copyright 2010, SecurityFocus