• info
• discussion
• exploit
• solution
• references

LucidCMS Index.PHP Multiple Cross-Site Scripting Vulnerabilities

These issues can be exploited through a web client.

The following proof-of-concept URIs are available:

http://www.example.com/[lucidcms_dir]/index.php?command=login'>[XSS_here]

http://www.example.com/[lucidcms_dir]/index.php?i18n=cs_CZ&command=panel'>[XSS_here]