TUTOS - app_new.php?t Cross-Site Scripting

2004-09-20T00:00:00
ID EXPLOITPACK:9630B2B8F4FAB6EE29EF075707641C43
Type exploitpack
Reporter Joxean Koret
Modified 2004-09-20T00:00:00

Description

TUTOS - app_new.php?t Cross-Site Scripting

                                        
                                            source: https://www.securityfocus.com/bid/11221/info
 
Tutos is reported prone to multiple remote input-validation vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and SQL-injection attacks.
 
These issue reportedly affect Tutos 1.1.2004-04-14.

http://www.example.com/app_new.php?t=200408240<script>alert(document.cookie)</script>