[eVuln.com] url XSS in Hot Links Lite Nov 22 2010 04:02PM
bt evuln com
New eVuln Advisory:

url XSS in Hot Links Lite



eVuln ID: EV0142

Software: Hot Links Lite

Vendor: Mrcgiguy

Version: 1.0

Critical Level: low

Type: Cross Site Scripting

Status: Unpatched. No reply from developer(s)

PoC: Available

Solution: Not available

Discovered by: Aliaksandr Hartsuyeu ( http://evuln.com/ )


XSS vulnerability found in url parameter of process.cgi script. This can be used to insert any script code. Admin panel is vulnerable also.


PoC code is available at http://evuln.com/vulns/142/exploit.html


Not available


Vulnerability discovered by Aliaksandr Hartsuyeu

http://evuln.com/tool/xss-encoder.html - XSS String Encoder

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus