NetWin DBabble 2.5 i - Cross-Site Scripting

2003-09-16T00:00:00
ID EXPLOITPACK:0B80A1D6C6E83D75A01B0EC29BAB640B
Type exploitpack
Reporter dr_insane
Modified 2003-09-16T00:00:00

Description

NetWin DBabble 2.5 i - Cross-Site Scripting

                                        
                                            source: https://www.securityfocus.com/bid/8637/info

A cross-site scripting problem has been reported in NetWin DBabble. This could make it possible for an attacker to potentially execute code in the security context of a site using the vulnerable software. This could be exploited by enticing a user to follow a malicious link to a site hosting the software. 

http://www.example.com/dbabble?cmd="><evil_script>