CuteNews 1.3.6 XSS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CuteNews 1.3.6 XSS

Subject: CuteNews 1.3.6 XSS
Date: 1 Dec 2006 20:56:34 -0000
From: suppressed

PHP Script: CuteNews 1.3.6
Class: XSS
Website: http://cutephp.com/cutenews
Found by: Detefix
dork: inurl:cutenews

-----

- Vulnerable Code:

<td align=center colspan=4 style='text-align:left;'>$result</td>

-----

- Exploit:

http://[target]/[path-to-cutenews]/?result=[XSS]

Prev by Date: [Aria-Security Team] DuWare DuDownloads SQL Injection Vuln
Next by Date: [Aria-Security Team] DuWare DuForum SQL Injection Vuln
Previous by thread: [Aria-Security Team] DuWare DuDownloads SQL Injection Vuln
Next by thread: [Aria-Security Team] DuWare DuForum SQL Injection Vuln
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.